According to a recent news release from Schubert Jonckheer & Kolbe LLP, the cyber attack occurred Dec. 11, 2024, and Kokomo Solutions did not provide notice to potential victims until nearly eight months after the fact, on Aug. 5, 2025. Kokomo Solutions has not publicly disclosed what information was accessed, and its delay in notifying those affected may be a violation of state and federal laws, the law firm said in their release.
The vendor's notice to victims said it hired a forensic security firm that found an unauthorized third party had accessed files on Kokomo's network, but no instances of fraud or identity theft have been reported following the cyber attack.
Besides LAUSD's telehealth program, in 2023, Kokomo Solutions also developed the Los Angeles Schools Anonymous Reporting (LASAR) telehealth mobile application for the district. It enables students and community members to anonymously report non-emergency safety incidents like drug consumption, drug trafficking, mental health crises and threats of a school attack.
Addressing the California IT in Education (CITE) conference about the app's development, Lt. Nina Buranasombati of Los Angeles School Police Department said in November 2023 that user privacy was key in convincing students to use it.
“[Students] want to tell, but they don’t want it public. They’re not going to go to a tip jar, they’re not going to go up to the teacher, they want to remain anonymous, so we used it in our call to action and it worked. We received tips and were able to get everybody involved, and it worked out for us," she said.
Erring on the side of caution, Kokomo Solutions has since enhanced its software’s technical security measures to reduce the risk of future security breaches, according to the company’s notice. It is also encouraging potential victims to take advantage of a one-year membership with Experian IdentityWorks Credit 3B, an identity-protection service at Kokomo's expense that detects potential exploitation of personal data.
