OAKLAND, Calif. (KRON) — An unspecified amount of data stolen from the City of Oakland in a recent ransomware attack has been leaked online, according to a statement from city officials. Now the city is warning residents to keep an eye on their credit in case of any fraudulent activity.
On Friday, the City of Oakland confirmed that a third party was able to acquire some of the data from the attack, and they planned to release the information publicly. By Saturday afternoon, ransomware group PLAY had claimed responsibility for the attack and released the data.
The city shared a statement with KRON4 about the status of the investigation into the attack:
“While the investigation into the scope of the incident impacting the City of Oakland remains ongoing, we recently became aware that an unauthorized third party has acquired certain files from our network and released some of this information. We are working with third-party specialists and law enforcement on this issue, and are reviewing the involved files to determine their contents. If we determine that any individual’s personal information is involved, we will notify those individuals in accordance with applicable law.
Protecting the confidentially of the information we hold is a responsibility we take seriously. We will continue to work diligently to investigate and address this incident while working with our expert teams to enhance our security even more moving forward.”
KRON On is streaming now
The City of Oakland initially informed residents of the ransomware attack on Feb. 10, nine days after the attack began. Several non-emergency systems were impacted afterwards including city phone systems, wireless internet at libraries, and the parking citation center. Most of these systems were back up by Feb. 28.
Cybersecurity analyst and security researcher Dominic Alvieri tells KRON4 he saw the post from PLAY threat group. He says employee IDs, passports and other documents were shared in the leak.
The City of Oakland is working with the Federal Bureau of Investigation and local law enforcement agencies to determine whose private information may have be released, however that could take time. The city says it will begin notifying those whose information may have been compromised as soon as possible.
“My Administration takes this very seriously and has been working hard to restore systems and provide assistance to anyone impacted,” Mayor Sheng Thao said of the incident. “Moving forward we will focus on strengthening the security of our information technology systems.”
The city is now encouraging residents to stay on top of their credit reports to detect any potential fraud as early as possible. Those who believe they may have been a victim of identity theft should contact their state’s Attorney General as well as the Federal Trade Commission.