Apr 09, 2026 · 6 min read
7.7 Terabytes of Sensitive LAPD Records Leaked in City Attorney Hack
The World Leaks extortion gang compromised a third party discovery system used by the Los Angeles City Attorney's Office, exposing officer personnel files, internal affairs investigations, and witness identities.
What Was Stolen
On March 20, 2026, attackers compromised a third party discovery transfer system used by the Los Angeles City Attorney's Office. The breach exposed 337,000 files totaling 7.7 terabytes, making it one of the largest law enforcement data leaks in US history.
The stolen material includes:
- Unredacted LAPD officer personnel files
- Internal affairs investigation documents
- Witness names, addresses, and medical records
- Unredacted criminal complaints
- Confidential case materials from active investigations
Who Is Behind It
The World Leaks extortion gang claimed responsibility for the attack. The group specializes in data theft and extortion, typically stealing large volumes of sensitive data and threatening to publish it unless a ransom is paid. Unlike ransomware groups that encrypt systems, World Leaks focuses entirely on exfiltration and public exposure.
The Third Party Weak Link
The attackers did not breach the LAPD directly. They targeted a third party discovery transfer application used by the City Attorney's Office to share case files. Ivor Pine, deputy director of communications for City Attorney Hydee Feldstein Soto, said the application was "self contained" and did not grant access to broader department networks.
But the distinction between breaching a department's core network and breaching a system that holds its most sensitive documents is largely academic when 7.7 terabytes of confidential records are already in criminal hands. Third party systems that handle legal discovery materials often contain the most sensitive data an organization possesses, yet they frequently receive less security attention than primary networks.
Why Witness and Officer Data Is Uniquely Dangerous
Most data breaches expose customer records: names, emails, credit card numbers. This breach is fundamentally different. The exposed files include the identities of witnesses in active criminal cases and the personnel records of police officers, including those involved in internal affairs investigations.
For witnesses, exposure can mean physical danger, intimidation, or retaliation. For officers under internal investigation, leaked personnel files create risks of harassment and targeted attacks. The exact number of individuals affected is still under review, but with 337,000 files spanning 7.7 terabytes, the scale is substantial.
A Pattern of Government Breaches
The LAPD leak follows a string of government and law enforcement data exposures. Eight million anonymous crime tips were exposed in a separate breach, undermining the promise of confidentiality that tip lines depend on. The European Commission lost 350 GB from its cloud systems in another incident.
Government agencies and law enforcement bodies hold some of the most consequential personal data in existence. When that data leaks, the harm is not limited to financial fraud. It can compromise criminal investigations, endanger lives, and erode public trust in the institutions responsible for justice.
What You Can Do
If you have interacted with the LA City Attorney's Office or the LAPD in any legal capacity, be alert for these risks:
- Watch for targeted phishing. Leaked case details give attackers the context to craft highly convincing messages. Be skeptical of any email referencing legal proceedings, especially if it contains links or attachments.
- Monitor for identity theft. With medical records, addresses, and potentially Social Security numbers in the breach, check your credit reports and consider placing a fraud alert.
- Contact the City Attorney's Office if you believe your information may be in the exposed files. The office has engaged external forensic support and outside counsel for the investigation.