L.A. Superior Courts Set to Reopen Tuesday After Cyber Attack

focus on hammer, group of files on judge table covered with dust - concept of pending old cases or work at judicial court

Photo: lakshmiprasad S / iStock / Getty Images

LOS ANGELES (CNS) - After a ransomware attack that caused the Los Angeles County Superior Court system to close on Monday, courts are set to reopen Tuesday.

"As a result of the tireless work of court staff and security experts in the wake of a cyber-attack on the Court last week, the Court will reopen all 36 courthouses (Tuesday)," the court said in a statement Monday evening.

All of the Superior Court's courthouses throughout the county were closed Monday -- affecting both criminal and civil cases -- as the court system's tech services division continued to repair and reboot network computer systems that were "severely impacted" by a ransomware attack on Friday.

"The court experienced an unprecedented cyber-attack on Friday which has resulted in the need to shut down nearly all network systems in order to contain the damage, protect the integrity and confidentiality of information and ensure future network stability and security," Presiding Judge Samantha P. Jessner said in a statement late Sunday night.

"While the court continues to move swiftly towards a restoration and recovery phase, many critical systems remain offline as of Sunday evening. One additional day will enable the court's team of experts to focus exclusively on bringing our systems back online so that the court can resume operations as expeditiously, smoothly and safely as possible."

Officials said they did not anticipate the court system being closed more than one day, and they confirmed late Monday that all courthouses will reopen Tuesday.

However, officials cautioned, "court users should expect delays and potential impacts due to limits in functionality."

People who are scheduled for jury duty this week and listed in group numbers 1, 2, 3, 4, 87 and 97 were instructed to report to the courthouse listed on their summons at 8 a.m. Tuesday.

Court officials said earlier that systems impacted by the hack "span the court's entire operation, from external systems such as the MyJuryDuty Portal and the court's website to internal systems such as the court's case management systems."

The hack -- described as "a serious security event' -- was first noticed early Friday and determined to be a ransomware attack, the court said in an announcement on Friday night.

Soon after the hack was detected, the court's Technology Services Division immediately shut down network computer systems "to mitigate further harm."

However, the courts did remain open for business on Friday.

The ransomware attack was believed to be unrelated to the CrowdStrike issue that created havoc on computer systems worldwide on Friday, the court said on Friday.

Court officials said the California Governor's Office of Emergency Services, as well as local, state and federal law-enforcement agencies, were all participating in the investigation into the breach.

"At this time, the preliminary investigation shows no evidence of court users' data being compromised," the court said Friday.

The statement credited the court's heavy investment in cybersecurity and increased staffing in the cybersecurity division in helping officials to quickly detect the intrusion and address it immediately.

The hack was the second ransomware attack in recent years against a major Los Angeles public agency.

Over Labor Day weekend in September 2022, the Los Angeles Unified School District was the victim of a ransomware attack that was later reported to have been perpetrated by a Russia-based hacking syndicate called the Vice Society.

Some data was stolen during that attack and posted on the dark web, but Superintendent Alberto Carvalho said at the time there was no evidence the hackers had accessed sensitive student or staff personal data.

The posting of the data -- mostly involving some of the LAUSD's outside contractors, the district said at the time  -- came ahead of an announced deadline the hacking group gave the district to pay an unspecified ransom it had demanded.

The early release of the data appeared to follow repeated assertions by Carvalho and the district that it had no intention of paying any type of ransom.


Sponsored Content

Sponsored Content