OAKLAND, Calif. (KRON) — Oakland city officials say more data from a recent ransomware attack have been leaked on the dark web. This is the second time the party claims responsibility.
“Play” has released data from the attack that was first reported in early February. KRON4 spoke with a tech expert about what this means for people whose personal information may now be out in public.
Oakland’s ransomware attack is going beyond city employees. City officials say hackers have released information of some city residents — along with those city employees — on the dark web.
The city of Oakland said in a statement:
“We recently became aware that the same unauthorized third party claiming responsibility for the ransomware incident has posted additional data allegedly taken from our systems during the incident in February to a website not searchable via the traditional internet.”
The group claiming responsibility is called “Play.” They first exposed personal data onto the dark web in March, which leaked only included information of city employees.
This time, it exposed data including that of residents.
The city says they are sending letters to the people impacted.
Tech expert and San Jose State University professor Ahmad Banafa says if you’ve given your information to the city of Oakland over the last decade, you should take precautions.
“Now they released the information which is 60 times what they had released before,” he said.
“Change your passwords completely. Make sure that all the passwords that you have with your system are changed. Implement the two-factor authentications, you’d receive a notification if someone tried to access your account. Lastly monitor your account, your credit card account. And see if someone is trying to up a credit card, get a loan–all of these things will be an indication that your data is being used,” Banafa said.
KRON4 asked Banafa if he has any idea why data is being released again.
“The indication here is the following, the city refused to pay the ransomware,” Banafa said.
The Oakland Police Officers Association (OPOA) has filed a claim against the city because of the data release.
KRON On is streaming news live now
“We’ve seen an avalanche of identity theft reports,” OPOA President Barry Donelan said. “Also seeing amongst police officers credit cards have been opened in their name. One of the officers, his social security number has been hijacked.
The OPOA is asking the city for $25,000 per officer impacted. They say Mayor Sheng Thao agreed to meet with them more than a week ago but has yet to set up the meeting.