Stolen City of Oakland Data in Ransomware (opens in a new tab) Last month’s attack has started making its way to the dark web, according to reports.
Threat actor Play Ransomware updated its leak website with data stolen from the City during the ransomware attack in mid-February, BleepingComptuer reported.
So far, the group has leaked a total of 10 gigabytes of data, divided into multiple RAR files. Whether or not the group publishes more content remains to be seen, but the leaked caches allegedly contain a lot of sensitive employee information, more than enough for threat actors to run identity theft campaigns.
Confidential data is leaked
“Sensitive private and personal data, financial information. IDs, passports, full employee information, information on human rights violations. For now, 10gb compressed partially released,” the threat actor’s website said.
The City of Oakland also responded to the latest development, saying it is monitoring the situation and will notify affected individuals accordingly:
“While the investigation into the scope of the incident that affected the City of Oakland is ongoing, we recently became aware that an unauthorized third party acquired certain files from our network and intends to release the information publicly,” it reads. in the city statement.
“We are working with third-party specialists and law enforcement on this issue and are actively monitoring claims by unauthorized third parties to investigate their validity. If we determine that any individual’s personal information is involved, we will notify you in accordance with applicable law. “. .”
In the attack, the city was forced to take its IT systems offline, but emergency services remained operational.
In a short Twitter thread posted at the time, the city said its core services were not affected, but customers should expect delays in other services.
Public sector organizations are a popular target for ransomware operators, so the attack on the city of Oakland should come as no surprise.
In early January 2023, Emsisoft’s cybersecurity experts released a report stating that over 200 large public sector organizations in the US were affected by ransomware last year. In addition to the government, threat actors are also targeting the education and healthcare industries. In about half of the discovered incidents, threat actors made off with sensitive data.
Through: computer bleeding (opens in a new tab)