In my 31 years with the LAPD, I’ve seen every brand of “soup sandwich” imaginable. I’ve seen supervisors who “played dumb” to avoid accountability, and I’ve seen “dinosaurs” who thought their seniority gave them a license to ignore real work. But what we are witnessing right now- a catastrophic 7.7-terabyte data breach that sat in silence for weeks – is a failure of a different magnitude. This isn’t just a technical glitch; it is the ultimate administrative betrayal.
When the Los Angeles Unified School District (LAUSD) was crippled by a massive ransomware attack over Labor Day weekend in 2022, I recall sounding the alarm, I contacted FBI cyber security and asked that they work with our ITB to ensure we weren’t next. The Russian-speaking group Vice Society didn’t just freeze systems; they executed a “double extortion” hit, stealing 500 gigabytes of data.
The outcome of the LAUSD breach was a nightmare: when the district refused to pay the ransom, the hackers dumped sensitive psychological assessments of students, Social Security numbers, and health records onto the dark web. It was a loud, clear siren that Los Angeles was a soft target. I saw the vulnerabilities and the “know-it-all” attitude of our leadership, yet when I asked questions I was told by the Chief of IT Mcmahon “all is good with the LAPD.” No need to updated or change anything.
While LAUSD was forced to implement Multi-Factor Authentication (MFA) within two weeks of their disaster, the LAPD remained stuck in “the all is good here, nothing to look at”.
The “watchers” responsible for the City of Los Angeles’ technology security are housed within the Information Technology Agency (ITA) within the city of LA, However, the actual “management” of that security has been plagued by a divide between technical staff and political appointees who hold the real power.
Here is the breakdown of who is currently at the helm and where the “shambles” originate:
While the General Manager and CIO (Ted Ross) oversee the entire department, the specific responsibility for cybersecurity falls under the Chief Information Security Officer (CISO). As of early 2026, Timothy Lee is listed as the CISO for the ITA. This role is supposed to protect the confidentiality and integrity of all City data, including the systems shared with the LAPD and LAFD. The ITA has a $105 million budget, yet it consistently struggles with “behind the curve” responses to breaches like the March 2026 hack. This is the agency that manages the third-party vendors who lost 7.7 terabytes of critical data.
The internal management of LAPD technology is handled by the Information Technology Bureau (ITB). This is where the “drinking buddy” system was implemented under Moore. The “Sagebrush Cantina” era of LAPD technology wasn’t just a social circle; it was a tactical liability that left the department defenseless. The transition from professional IT management to “drinking buddy” appointments created a dangerous gap in our digital armor.
Before the administrative shift under Moore, the department’s technology strategy had a foundation of professional experience. During the tenure of Chief Charlie Beck, the IT Bureau was led by Maggie Goodrich, a civilian with significant legal and technical expertise. As the CIO, she understood the complexity of federal compliance, data privacy, and the technical architecture required to run a 24/7 law enforcement operation.
Because she wasn’t a “sworn” officer looking for a comfortable pre-retirement seat, she could audit the ITA (Information Technology Agency) from a position of technical authority. She knew when the city’s technical answers didn’t add up. She knew the questions to ask and decisions to challenge.
When Michel Moore took the helm, the leadership philosophy shifted toward loyalty over expertise. This was most evident in the appointment of John McMahon as the Chief Information Officer and Deputy Chief of the Information Technology Bureau.
Moore, a long-time resident of Santa Clarita (Stevenson Ranch), was part of a close-knit circle that frequented local staples like the Sagebrush Cantina. McMahon, a 36-year veteran of the department, was part of this “inner circle.” While McMahon had a long career in law enforcement, he was a career cop—not a career technologist. Placing a “dinosaur” with no technical background in charge of a multimillion-dollar digital infrastructure is like asking a patrol officer to perform neurosurgery just because they’ve seen a lot of bandages.
Because the ITB Chief couldn’t speak the “language” of technology, the ITA and third-party vendors were essentially grading their own homework. This is why, when the LAUSD breach happened, the ITB couldn’t push back when they were told “all is good.” They didn’t know which questions to ask.
This “Sagebrush” leadership style extended to the handling of internal threats. We saw similar dismissive action when I brought up concerns with release of undercover photos.
When the concern about exposing undercover officers was brought to Chief of Staff Randolph and Director of Constitutional Policing Rhodes, the response was a bureaucratic shrug. The decision to redact the Internal Affairs (IA) Special Operations Division (SOD) “headhunters” while ignoring the safety of the Narcotics and SIS units proves that this wasn’t a legal limitation – it was a choice. They both said nothing we can do because it was a public information request.
They protected the people who investigated “us” but left the street-level officers out in the cold.
This leadership vacuum at ITB (Information Technology Bureau) and the City’s ITA (Information Technology Agency) ensured that while other threats occurred, the city remained “behind the curve.”
As of early 2026, the LAPD has finally shifted away from the “drinking buddy” model of technology leadership by tapping Dean Gialamas to serve as the new IT Bureau Chief and Chief Information Officer (CIO).
Unlike the previous era of Sagebrush Cantina appointments, Gialamas is a seasoned IT professional with a deep resume in Southern California government. He isn’t a “dinosaur” waiting for retirement; he is a career technology leader. He previously served as the General Manager for the L.A. County Internal Services Department (ISD) and held high-level roles with both the L.A. County Sheriff’s Department and the Orange County Sheriff’s Department.
Gialamas has been brought in during a period of massive technical crisis. His primary mission is to transform the department’s aging and vulnerable infrastructure in preparation for the 2026 FIFA World Cup, the 2027 Super Bowl, and the 2028 Summer Olympics. He took over just as the 7.7-terabyte breach was surfacing, inheriting the mess left by the City Attorney’s Office and the “weeks of silence” from previous command staff.
The appointment of Gialamas is a direct rebuttal to the “drinking buddy” era seen with Moore. By selecting a CIO with actual technical standing from the County level, Chief Jim McDonnell is signaling that the days of letting an IT-illiterate Commander run the bureau are over.
The current crisis involving a third-party vendor is the “smoking gun” of this administration’s failure. The hack occurred possibly in early March, yet the City Attorney’s Office held it close and later allegedly revealed it to at least one unknown LAPD Commander who sat on this information for nearly two weeks.
The rank-and-file didn’t find out from their leadership. They found out when they saw their own names, health records, and Internal Affairs files being circulated on social media by accounts like, @WhosThatCop.
By waiting weeks to confirm the 7.7 terabytes of leaked data, the city didn’t just fail a moral obligation, they likely violated California’s Senate Bill 446, which mandates notification within 30 days. Notification does not mean posting it on social media.
Is this breach just a failure of firewalls; or is it a clinical application of the “LA Fed Blueprint.” In the shadow of the upcoming elections, the 7.7 terabytes of leaked data function exactly like the clandestine recordings of 2022—as a timed explosive designed to reshape the halls of power under the banner of “accountability.”
Just as the Fed recording of Nury Martinez, Gil Cedillo, and Kevin de León sat in a “vault” for nearly a year before being dropped weeks before the 2022 election, the March 2026 breach followed a suspiciously silent timeline.
The hack occurred early March, but the official confirmation was withheld until April 8. In a “backstabbing” political environment, that 30-day silence isn’t an accident; it’s a window. It allows the “right” people to curate the data and ensure that when the “leak” hits social media, it hits the specific targets needed to shift the narrative.
By finding out through @WhosThatCop and news tickers rather than a department teletype, the rank-and-file were used as the backdrop for a public outcry. This manufactured “chaos” is the perfect pretext for a pre-election purge.
In 2022, the weapon was a secret audio file. Today, the weapon is Internal Affairs (IA) files. These files contain complaints, the administrative “dirt,” and the personal vulnerabilities of countless employees of the department. By leaking unredacted misconduct data, political actors can effectively “veto” the careers of any “old guard” leaders who aren’t aligned with the new political order.
Notice how in 2023, the IA-SOD “headhunters” were shielded from the photo leak while street-level undercover officers were exposed. This shows a sophisticated understanding of whose data is “valuable” and whose is “expendable.” In 2026, the data being “allowed” to circulate is suspiciously focused on those who benefited from the previous “Sagebrush” administration.
The most effective way to remove a political rival in Los Angeles is to accuse them of “negligence.” The 7.7TB breach provides a bulletproof justification to dismantle the entire administrative structure. Under the guise of “modernizing” and “fixing the shambles,” political rivals can accuse anyone associated with the current failures and blame it on the, current Mayor and City Attorney as negligent.
By highlighting that an “unknown person under the current administration watch” sat on the breach for weeks, the leakers have created a scenario where the “old guard” looks either complicit or dangerously incompetent. It’s a “clean sweep” strategy that uses technical failure to mask a political takeover.
The “ambulance chasers” are already lining up to file lawsuits, and once again, the taxpayers will foot the bill for the ego and apathy of city leaders.
The “soup sandwiches” at City Hall have spent too long playing dumb while the digital walls crumbled. Accountability is not a suggestion – it is a mandate. It’s time to stop the drinking-buddy appointments and start protecting the men and women who actually protect this city.
