Oakland acknowledges ransomware attack has worsened with massive new release of personal info

Personal information stolen in Oakland ransomware attack

OAKLAND -- A ransomware attack plaguing City of Oakland computer systems has worsened with a new trove of personal data of employees and residents released onto the so-called dark web, city officials acknowledged.

The ransomware attack began in February and resulted in network outages to the city's systems, prompting the city administrator to declare a state of emergency to fast-track the restoration process. Ransomware attacks involve hackers encrypting files and demanding ransom to decrypt them. The release of data indicates no ransom has been paid and hackers are following through on their threats.

On Tuesday, city officials confirmed the same hacker group which released sensitive personal information in February was also responsible for a data dump of some 600 gigabytes of information, about 60 times larger than the previous data release. The data is accessible by anyone with custom software created for darknet websites.

The data is compiled of information such as social security numbers, home addresses, and medical data from thousands of current and former city workers. Confidential nformation from some of the city's residents who have filed claims against the city or applied for programs through City of Oakland websites has also been included in the data dump.

Mayor Sheng Thao said Wednesday during a press event promoting downtown businesses that the city was still working with local and federal law enforcement to resolve the ongoing attack.

"We are still going through what has actually been taken and dropped onto the black web. As you know, it takes time to download and so we're waiting for the full downloading of all this information," said Thao. "We are actively reaching out to anyone whose info may have been compromised, whether or not they work for the City of Oakland."

Last week, the Oakland police officers' union filed a claim against the city for damages suffered because of the ransomware attack. The claim from the Oakland Police Officers' Association seeks monetary damages as well as credit monitoring services, bank monitoring services, credit restoration services and identity theft insurance. 

Attorneys for the police union said the city was repeatedly warned in the past and recently of "significant deficiencies in the security of its information technology systems," according to the claim.  

People who were Oakland city employees between July 2010 and January 2022 who have not received a letter are urged to email cyberfaq@oaklandca.gov to get information about impacts to them and available resources for them.

The same employees can contact a call center Monday to Friday 9 a.m. to 5 p.m. Pacific time for information. The phone number is (866) 869-1861.

Read more
f

We and our partners use cookies to understand how you use our site, improve your experience and serve you personalized content and advertising. Read about how we use cookies in our cookie policy and how you can control them by clicking Manage Settings. By continuing to use this site, you accept these cookies.