APD Proactively Monitoring Third-Party Service Provider for Cybersecurity Incident

Anchorage, AK — January 13, 2026 — The Anchorage Police Department (APD) has identified and is taking appropriate mitigating actions in response to a cybersecurity incident involving a third-party service provider that supports multiple agencies nationwide.

APD was notified of the incident on January 7, 2026, as the department was preparing for an internal software system upgrade, facilitated by an APD vendor and supported by a third-party service provider. Currently, there is no evidence indicating that APD systems have been compromised or that any APD data has been acquired by the threat actor. However, as a precautionary measure, the department is actively monitoring the systems and implementing protective measures to safeguard information.

The third-party service provider is leading the investigation into the incident. As that active investigation continues, APD, working closely with other Municipal departments, is actively overseeing the response to ensure appropriate safeguards are in place and risks are minimized.

Steps taken to Protect Systems and Information:

• APD informed employees via email on January 7, 2026, and advised them to remain alert and report any suspicious activity to the proper channels.

• ITD shut down the relevant APD servers and disabled the vendor and all third-party service provider access. Additionally, ITD oversaw the deletion and removal of all remaining APD data from the third-party service provider servers.

• APD initiated continued oversight of its systems and will continue to closely monitor for any unusual activity.

If the department determines any APD data containing protected personal information has been acquired by the threat actor, APD will make appropriate notifications to all impacted individuals.