LAPD data breach: Personal information of officers, applicants exposed
LOS ANGELES (KABC) -- A data breach has exposed the personal information of multiple Los Angeles police officers, the department has confirmed.
The breach was at the city level and affected LAPD officers as well as those applying to become officers, officials say.
The department says it is working with the city to determine the extent of the data breach and to ensure that the department's data is protected from further intrusion.
The Los Angeles Police Protective League Board of Directors is asking the city to provide resources and assistance to any impacted officer who may become the victim of identity theft.
The security breach affected at least 2,500 people, some possibly police officers, and is now under investigation.
It is still unclear when the data was breached and how.
"That's something that we want to know, how this information especially with Los Angeles police officers could get out and what's going on to ensure that the problem is rectified and a complete investigation is conducted on who is involved in releasing this information," said Sgt. Jerretta Sandoz, Vice President of the Los Angeles Police Protective League.
"It was actually a breach that was affecting an unused system for job applicant management in the city of Los Angeles, and we're just hearing about this because it affected police officers, as well as other employees within the city," said Clifford Neuman, Director of USC's Center for Computer System Security.
Neuman says data likely includes personal information provided by officers in their job applications, including passwords.
"I'd expect those were probably the passwords that those individuals used when they applied for their jobs in the city of Los Angeles, rather than necessarily the passwords they are using on their banking systems or even their operational systems," Neuman said. "But, it's important for them to not be using the same passwords in multiple places."
And Neuman suggests there will likely be more victims of the breach.
"I expect that over the course of the next couple days we're going to hear the breach was much larger in terms of its impact on other city employees."
A statement from the office of Mayor Eric Garcetti said:
"We are investigating a data event that was discovered on July 25, and involved limited information about City of Los Angeles job applicants in a database that is no longer used by the Personnel Department. We take the protection of personal data very seriously, and the City has informed the individuals who may have been affected. The City's Information Technology Agency has added additional layers of security to guard against future events of this kind."
