The city of El Cerrito, California, is launching an investigation into potential data theft following claims by a ransomware group that included the city’s government in its list of victims.
At the same time, the LockBit gang, responsible for the attack, recently updated its leak site with 15 new victims, among them El Cerrito, a city with over 25,000 residents located just north of Oakland.
While the city’s assistant to the City Manager, Will Provost, assured that their systems remain operational, they are collaborating with third-party cybersecurity experts and law enforcement to verify the claims and assess potential data compromise. If sensitive information is confirmed to have been affected, appropriate notifications will be made in accordance with legal requirements.
Furthermore, the incident involving LockBit highlights the escalating threat of ransomware attacks targeting municipalities. The ransomware gang’s involvement was also noted in a previous attack on Oakland, where significant damage to the city’s operations occurred. Both the LockBit and Play ransomware groups were responsible for data leaks containing sensitive city information, prompting emergency response actions, including the deployment of the National Guard.
Additionally, El Cerrito’s case joins a growing list of ransomware attacks on California cities this year, with Modesto and Hayward among the victims, highlighting the vulnerability of public services and infrastructure to cyber threats. Notably, law enforcement agencies and critical transit systems in the state have also faced similar attacks, underscoring the broader challenge of safeguarding digital assets against cybercriminal activity.
