In a troubling development for the city of Oakland, hackers associated with a ransomware group have released sensitive data stolen from city files. This marks a significant escalation in a cyberattack that has plagued the city for almost a month, disrupting various services and sparking worries about the security of personal information.
As an unauthorized third party disclosed the stolen files online, city officials confirmed ongoing collaboration with third-party cybersecurity specialists and law enforcement agencies to evaluate the situation. A spokesperson indicated, "If the files are found to contain personal information, the involved individuals will be notified." This transparency is part of the city's effort to manage the fallout from the attack.
The city officially identified the group behind the incident as Play, a ransomware organization that emerged in June 2022. Play has previously targeted other entities, including the Judiciary of Cordoba in Argentina and the German hotel chain H-Hotels. The rationale behind selecting Oakland for their attack remains unclear.
G. Harold Duffey, the interim city administrator, reinforced the importance of vigilance among city employees in an internal email. "Follow best practices when it comes to protecting your information by remaining vigilant against incidents of identity theft and fraud," Duffey urged, emphasizing the need for individuals to monitor their financial accounts diligently.
"Follow best practices when it comes to protecting your information by remaining vigilant against incidents of identity theft and fraud,"
Barry Donelan, president of the local police union, expressed concern over the lack of clarity regarding the specific files that were compromised. "You have to assume the worst and hope for the best," Donelan remarked, highlighting the anxiety shared among city employees regarding the potential risk to personal data.
"You have to assume the worst and hope for the best,"
Since the initial cyberattack occurred on February 8, the consequences have been significant, with disruptions to the city’s ability to process vital municipal services such as parking tickets and business licenses. Despite ongoing attempts to restore operations, online payments have remained the only viable method for handling parking citations.
Impact and Legacy
In the wake of the attack, the City Council took the precautionary step of declaring a state of emergency, yet details surrounding the nature of the ransomware and potential ransom payments remain undisclosed. With uncertainties still surrounding when the city’s systems will be fully operational again, officials have scrambled to assess the breadth of the attack’s impact.
In a Tuesday update, city communications noted that the public information line, known as the 311 system, has been restored, offering some relief to residents relying on local services. Still, many challenges lie ahead for Oakland as it navigates the complexities of this significant cyber threat.
