Updated 2/17/25
1. What happened?
On Tuesday, Feb. 11, Lexipol discovered a cybersecurity incident involving our policy management platform (KMS). An unauthorized user accessed certain information pertaining to policy customers. We took immediate steps to secure our systems, launched an internal investigation that remains ongoing, and implemented enhanced monitoring and security protocols. We are collaborating with law enforcement and cybersecurity experts in our response. It is important to note this incident had no impact on our operations and we continue to serve our customers without interruption.
We are aware an unauthorized third party has claimed responsibility for this incident, noting an intention to target law enforcement, and has published information taken from our systems on the dark web. We are continuing to investigate this incident with the utmost diligence.
2. What information was involved in this incident?
The involved data includes agency policy and procedure manuals, as well as certain customer records that may contain names, agency names, and work email addresses. Our review to date has found no evidence that any personally identifiable information (PII) such as home addresses, Social Security Numbers, personal emails, or mobile numbers were affected, and Lexipol does not collect or store PII for our customers. In addition, most of the released records are agency policy manuals, which are often already publicly available through agency transparency initiatives or open records laws.
3. Which customers were affected by this incident?
The potential information involved is limited to Lexipol policy customers. Customers of Lexipol’s wellness, training and performance reporting solutions are not affected. Lexipol partners such as state chiefs’ associations and risk pools are not affected.
4. How did Lexipol respond to the incident?
Upon discovering the incident, we:
5. Who was responsible for the incident?
We are aware an unauthorized third party has claimed responsibility for this incident, noting an intention to target law enforcement.
6. How do I know if my agency was affected?
In the interest of comprehensive response, we are treating the incident as if it impacted every Lexipol policy customer. If you need assistance responding to inquiries from your legal, compliance or IT teams, please fill out the form on this page and someone will be in touch as soon as we can.
7. My agency is a Lexipol policy customer. Do we need to have our users change their passwords?
We recommend all KMS users follow the guidance for account security we have provided and update your passwords.
8. What steps should customers take?
There is no immediate action required as a direct result of this incident. However, incidents like these are a reminder to practice good cyber hygiene – including being vigilant against phishing attempts, using difficult-to-guess passwords, and following IT security protocols.
9. Has Lexipol taken steps to prevent future incidents?
Lexipol takes information security extremely seriously. In response to this incident, we took immediate steps to secure our systems, launched an internal investigation that remains ongoing, and implemented enhanced monitoring and security protocols. We are collaborating with law enforcement and cybersecurity experts to implement appropriate measures and help prevent future incidents.
10. How can customers get more information or assistance?
If you have any questions or need support, please fill out the form on this page and someone will be in touch as soon as possible.