UPDATED 20:18 EDT / APRIL 06 2023


Ransomware gang releases new data stolen from the City of Oakland

The ransomware gang behind an attack on the City of Oakland in February has released a second tranche of stolen data.

The Play ransomware group shared 600 gigabytes of data on its leaks site in its second release, including Oakland Police Department files, council members’ communications and city staff’s medical records. By contrast, the first release of stolen data in March was a more modest 10 gigabytes.

The ransomware attack took place on Feb. 8, knocking some of the city’s information technology systems offline. The city declared a state of emergency on Feb. 16 because of ongoing network outages caused by the attack. The attack did not affect 911 services, but certain nonemergency systems were forced offline.

StateScoop reported Wednesday that the city has confirmed the new data release, saying in a statement that it “recently became aware that the same unauthorized third party claiming responsibility for the ransomware incident has posted additional data allegedly taken from our systems during the incident in February to a website not searchable via the traditional internet.”

The Play ransomware group first appeared mid last year and gained prominence in August following an attack on Argentina’s Judiciary of Córdoba. The group encrypts files and adds a .play extension to them. But it typically does not provide a ransomware demand or note, instead leaving a message to victims that simply says “PLAY” and includes an email address to contact the attackers.

“The exposure of stolen documents from the city’s police department, network outages and ransom demands are among the major problems,” Mark Shainman, senior director of Data Governance Products at unified data control company Securiti Inc., told SiliconANGLE. “This chain of attacks against the city underscores the importance of implementing proper security and privacy measures, especially after already suffering another attack.”

“Organizations must put policies in place around security access and governance that maps to the underlying sensitive data that exists within their environment,” Shainman added. “Lots of local governments have limited resources, and one of the pitfalls that they sometimes fall into is not understanding the most important and critical data to protect.”

Photo: Joseph/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy