The Play ransomware group has begun leaking sensitive data stolen from the City of Oakland, California, following a recent cyber attack. The city had disclosed the ransomware attack on February 10th, 2023, after taking impacted systems offline to secure them.
The city confirmed that core functions, such as 911, financial data, and emergency resources, were not impacted by the attack. However, it warned of possible delays as a result of the attack.
The City of Oakland declared a local state of emergency on February 14th, 2023, due to the impact of the ransomware attack. On March 3rd, the city confirmed that an unauthorized third party had acquired certain files from its network and threatened to release the information publicly.
The city is currently working with third-party specialists and law enforcement to investigate the validity of the third party’s claims.
The Play ransomware group, which claimed responsibility for the attack, has started leaking a 10 GB archive of sensitive data, such as employee information, passports, and IDs.
The ransomware gang posted an announcement on its Tor leak site, threatening to upload the full dump of data if there is no reaction to the partially published compressed 10 GB archive.
The City of Oakland has assured the public that it will notify any individuals whose personal information is involved, in accordance with applicable law.