The 36 courthouses of the Superior Court of Los Angeles County will be closed Monday as efforts continued to be made to recover from a ransomware attack.
The court late Friday revealed it was the victim of “a serious security event” in the early morning hours that was determined to be a ransomware hack — and said the Court Technology Services Division immediately shut down network computer systems “to mitigate further harm.”
“The court experienced an unprecedented cyber attack on Friday which has resulted in the need to shut down nearly all network systems in order to contain the damage, protect the integrity and confidentiality of information and ensure future network stability and security,” Presiding Judge Samantha P. Jessner said.
“While the court continues to move swiftly towards a restoration and recovery phase, many critical systems remain offline as of Sunday evening,” Jessner said. “One additional day will enable the court’s team of experts to focus exclusively on bringing our systems back online so that the court can resume operations as expeditiously, smoothly and safely as possible.”
Visitors to lacourt.org were still being met with the error message “We’re sorry … The page you are looking for cannot be displayed due to a website error.”
Court officials did not specify which network systems had been disabled, but the court’s website, including the jury portal, was expected to remain offline as of Monday. The court was expected to reopen Tuesday.
The attack was believed to be unrelated to the CrowdStrike issue that created havoc on computer systems worldwide on Friday, the court statement said.
The court said the California Governor’s Office of Emergency Services, as well as local, state and federal law enforcement agencies, were all participating in the investigation into the breach.
“At this time, the preliminary investigation shows no evidence of court user’s data being compromised,” the court said Friday.
The statement went on to say that, “Due to the ongoing nature of the investigation, remediation and recovery, the Court will not comment further until additional information is available for public release.”
The statement credited the court’s heavy investment in cybersecurity and increased staffing in the cybersecurity division in helping officials to quickly detect the intrusion and address it immediately.
The court hack was the second in recent years against a major Los Angeles public agency.
Over Labor Day weekend in September 2022, the Los Angeles Unified School District was the victim of a ransomware attack that was later reported to have been perpetrated by a Russia-based hacking syndicate called the Vice Society.
Some data was stolen during that attack and posted on the dark web, but Superintendent Alberto Carvalho said at the time there was no evidence the hackers had accessed sensitive student or staff personal data.
The posting of the data — mostly involving some of the LAUSD’s outside contractors, the district said at the time — came ahead of an announced deadline the hacking group gave the district to pay an unspecified ransom it had demanded.
The early release of the data appeared to follow repeated assertions by Carvalho and the district that it had no intention of paying any type of ransom.