Expand / Collapse search

Hackers reportedly releasing Oakland city employees' personal data in ongoing ransomware attack

By
Updated  March 6, 2023 6:35pm PST
Silicon Valley Tech
KTVU FOX 2

OAKLAND, Calif. - The City of Oakland's silence about ransomware extortion, for the past three days, underscores how much trouble the city's crippled information technology systems are compromised. The City of Oakland issued a statement on Monday following many requests for information that had previously gone unanswered. 

Over the weekend, organizations who can probe the so-called "deep web" reported that the hackers who put ransomware in the City of Oakland's computers released some of it, including employees and other's personal, confidential, financial, private and identification data, including passports and other materials. 

Apparently, because the city took the advice of federal law enforcement and others who urged Oakland authorities to refuse to pay, the release was a revenge for not paying the ransom.

Nonetheless, the city has not updated its website about this since last Friday. 

"They'll release some personally identifiable information of those that they stole or else they'll start releasing some compromising emails of city officials; really to extort them and put the pressure on to pay up in bitcoin that they're requesting," said Boston College Law and Business professor Kevin Powers, an expert in internet security and law.

SEE ALSO: Hackers threaten release of stolen City of Oakland data

In fact, this is likely only the opening shot. 

"Now, what the criminals are doing is say, 'Oh yeah? Here's what we're gonna do. Here's the information we have out there. So, if you don't want to pay, we're gonna put even more out there,'" said Powers.

For city employees, contractors and consultants that have or gave sensitive information to Oakland, Powers strongly suggests they start monitoring their accounts and other records as the information is likely to be misused whether the city pays or not.

In a statement on Monday, City of Oakland officials said its employees are working with third-party specialists to resolve the issue and that they've made significant progress toward restoring impacted systems. 

"We are aware that an unauthorized party has released some of the information acquired from our network," the city's statement read. In addition, they have involved the FBI with the investigation. 

Mayor Sheng Thao also weighed in: "My Administration takes this very seriously and has been working hard to restore systems and provide assistance to anyone impacted. Moving forward we will focus on strengthening the security of our information technology systems."