The ransomware gang behind an attack on the City of Oakland in February has released a second tranche of stolen data.

The Play ransomware group shared 600 gigabytes of data on its leaks site in its second release, including Oakland Police Department files, council members’ communications and city staff’s medical records. By contrast, the first release of stolen data in March was a more modest 10 gigabytes.

The ransomware attack took place on Feb. 8, knocking some of the city’s information technology systems offline. The city declared a state of emergency on Feb. 16 because of ongoing network outages caused by the attack. The attack did not affect 911 services, but certain nonemergency systems were forced offline.

StateScoop reported Wednesday that the city has confirmed the new data release, saying in a statement that it “recently became aware that the same unauthorized third party claiming responsibility for the ransomware incident has posted additional data allegedly taken from our systems during the incident in February to a website not searchable via the traditional internet.”

The Play ransomware group first appeared mid last year and gained prominence in August following an attack on Argentina’s Judiciary of Córdoba. The group encrypts files and adds a .play extension to them. But it typically does not provide a ransomware demand or note, instead leaving a message to victims that simply says “PLAY” and includes an email address to contact the attackers.

“The exposure of stolen documents from the city’s police department, network outages and ransom demands are among the major problems,” Mark Shainman, senior director of Data Governance Products at unified data control company Securiti Inc., told SiliconANGLE. “This chain of attacks against the city underscores the importance of implementing proper security and privacy measures, especially after already suffering another attack.”

“Organizations must put policies in place around security access and governance that maps to the underlying sensitive data that exists within their environment,” Shainman added. “Lots of local governments have limited resources, and one of the pitfalls that they sometimes fall into is not understanding the most important and critical data to protect.”

Photo: Joseph/Flickr