Ransomware group leaks data stolen from City of Oakland
Data Stolen from City of Oakland in One Ransomware (opens in a new tab) Attacks last month have begun to find their way into the dark web, reports have claimed.
Threat agent Ransomware Play has updated its leak site with stolen data from the City during the mid-February ransomware attackBleepingComptuer reported.
So far, the team has leaked a total of 10 gigabytes of data, split across multiple RAR archives. It remains to be seen whether the team will publish more content, but the leaked caches are said to contain a lot of sensitive employee information, more than enough for threat actors to run. identity theft campaigns.
Sensitive data leaked
“Confidential personal and private data, financial information. ID, passport, employee complete information, human rights violation information. Now partially published 10gb compressed capacity”, website said by the threat.
The City of Oakland also responded to the latest development, saying it is monitoring the situation and will notify affected individuals as appropriate:
“While the investigation into the extent of the incident affecting the City of Oakland is ongoing, we recently learned that an unauthorized third party obtained certain files from our network and intends to release the information publicly,” the City statement read.
“We are working with third-party experts and law enforcement on this matter and are actively monitoring unauthorized third-party claims to investigate their validity. I determine that the personal information of any relevant individuals, we will notify such individuals in accordance with applicable law.”
During the attack, the City was forced to shut down its IT systems, but emergency services remained operational.
In a short Twitter thread published at the time, the city said that its core services were not affected, but that customers should expect delays in other services.
Public sector organizations are a common target for ransomware miners, so the attack on the City of Oakland is not surprising.
In early January 2023, cybersecurity experts Emsisoft released a report stating that last year, more than 200 major public sector organizations in the United States were affected by ransomware. Besides the government, threat actors are also pursuing the education and healthcare industries. In about half of the incidents detected, the threat actors took away sensitive data.
Through: BleepingComputer (opens in a new tab)