Officials in Oakland confirmed this week that the ransomware group responsible for the February attack released a much larger amount of data on the dark web. The Play ransomware group initially released 10GB of data last month and followed up with an additional 600 gigabytes of city data.
On Tuesday, the city acknowledged the second data leak and stated that they were working with experts and law enforcement to investigate the files. The statement also pointed out the breadth of information contained in the first leak, including documents stolen from the police department and other city offices. Personal information belonging to Mayor Sheng Thao was even leaked.
In March, the city began notifying affected employees and is currently mailing notification letters to impacted residents, which include further details and resources to help protect their personal information. The city intends to continue notifying those impacted by both leaks as they analyze the data and has urged victims to call the number provided in the breach notification letters if they have any concerns or questions.
In addition to the two leaks by the Play ransomware group, another group, the LockBit ransomware group, claimed to have stolen data from the city. They added Oakland’s government to their leak site two weeks ago. While the city denied another ransomware attack, LockBit has not removed the posting, and they are threatening to leak the data if their demands are not met by the end of Sunday.
The city sent out breach notification letters to thousands of employees and residents in March. These letters disclosed that names, addresses, driver’s license numbers, Social Security numbers, and other data were compromised during the attack by Play between February 6 and February 9.
Story Credit
