John Z Black
Brunswick, ME • (207) 245-1010 • contact@johnzblack.com
LAPD’s own network wasn’t breached. That’s technically true. It’s also almost beside the point, because 7.7 terabytes of sensitive police records are now with an extortion group.
World Leaks, which is just Hunters International under a new name, didn’t need to touch LAPD’s infrastructure. They breached a third-party file-sharing application connected to the LA City Attorney’s Office. The app was built to hold civil discovery materials from George Floyd protest-era lawsuits. Sensitive departmental records, Internal Affairs investigations, unredacted criminal complaints with witness names, officer personnel files and medical records.
The system apparently had no password protecting access to it. Sources say city officials never implemented the basic access restriction the platform was designed to require.
337,000 files. World Leaks posted some publicly then pulled them back down. That’s a leverage play: show what you have, create urgency, negotiate.
The political fallout was immediate. The LAPD officers’ union withdrew their endorsement of the City Attorney. City leaders demanded testimony about when she first knew.
The pattern here is familiar. Treasury, healthcare organizations, now LAPD. The primary organization hardens its own perimeter. The vendor sitting next to it, with access to the same sensitive data, doesn’t get the same scrutiny. Attackers have noticed.