Editor’s Note (Updated: Dec. 18, 2025): This story was updated to reflect later reporting that the incident escalated beyond an initial outage into a data-theft extortion case, plus the longer tail of court and oversight impacts.
- Added reporting that the Qilin group claimed responsibility and alleged theft of about 842GB of data
- Added details of an internal email describing “substantial” data loss
- Updated system-status timeline, including DocketMaster restoration on Sept. 22
- Added Civil District Court disruption details tied to sheriff operations
- Added reporting on delayed audit work and ongoing server rebuilds
- Added reporting that a federal magistrate referenced roughly 30 affected servers and workaround reporting
Louisiana’s Orleans Parish Sheriff’s Office said a ransomware attack on Sept. 4 disrupted bond processing, jail releases and court case lookups in New Orleans, later prompting extortion claims from the Qilin group.
The sheriff’s office said its AS400 platform, used for tasks including releases, bond payments and coordination with criminal-justice partners, was taken offline early Sept. 4 and restored by the evening of Sept. 5 after assistance from city and state partners.
Officials said jail security operations were not affected during the disruption and that no sensitive jail records were impacted, while investigators continued reviewing what happened.
In the days that followed, the incident widened from an internal outage into a public-facing disruption. The DocketMaster system used for court-related workflows, including inmate transfers and releases, went down later in September and OPSO directed the public to a phone workaround while restoration work continued.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
OPSO announced Sept. 22 that DocketMaster had been restored and that the public could again access it through the agency’s website.
Separately, multiple outlets reported that the Qilin ransomware group claimed responsibility and began leaking or offering for sale data it said was taken from OPSO, totaling about 842 gigabytes. OPSO has not publicly confirmed the group’s claim or detailed what personal data, if any, was taken.
An employee email cited in later reporting described the incident as causing a “substantial” loss of data, as Louisiana State Police said it was investigating.
The disruption spilled into the courthouse. Orleans Parish Civil District Court said the sheriff’s civil system was offline for about 15 days, complicating verification of service of process and delaying some pleadings reliant on sheriff operations, while judges implemented contingency plans.
The incident also delayed broader modernization and oversight work. WWL-TV reported that a planned Beacon software upgrade tied to a wider courthouse IT modernization effort was paused after the cyberattack.
In October, WVUE reported that the Louisiana Legislative Auditor’s timeline for audit results slipped as OPSO rebuilt servers and worked to regain access to documentation needed to complete audit procedures.
Federal court reporting also reflected ongoing recovery. A federal magistrate referenced roughly 30 affected servers and directed that required reporting continue through alternate delivery while systems were rebuilt, according to WVUE.
The Orleans Parish Sheriff’s Office runs the city jail and provides key court-related services in New Orleans, and has been described as an agency of roughly 800 employees.
