Ransomware Gang Claims Responsibility For The Attack On Oakland

The Play ransomware gang has taken responsibility for a cyber attack on the City of Oakland that has disrupted IT systems since February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.  Now, the Play gang has begun partially publishing data they stole. 

The criminals claim that they have taken control of documents containing private and sensitive information, financial and official records, identity documents, passports, individual employee data and other sensitive information.

On March 1, 2023, the city was listed as a victim on the gang’s extortion website, as discovered by security researcher Dominic Alvieri. These documents were stolen during the hackers’ network intrusion. They are now used as a bargaining chip to persuade the city administration to meet their demands and pay the ransom. 

The gang is also warning it has more stolen data to dump, to pressure the city to pay up to prevent more confidential information from leaking. “For now partially published compressed 10gb. If there no reaction full dump will be uploaded,” the Play gang wrote.  

Previously, Oakland's local government disclosed that it was the target of a ransomware attack on February 10th which disrupted all of its IT networks, except for emergency services.

On February 14, the city declared a state of emergency to expedite the restoration of the impacted systems and all services as soon as possible. Because the city could not accept online payments, all business taxation obligations were given a 45-day extension. Parking violation services were also affected, with cashier booths unable to accept calls or transactions. By February 20, IT specialists had assisted in the restoration of public computers, printing, scanning, wireless Internet connectivity, and library services throughout the city’s facilities, but the city’s non-emergency phone services and business tax licenses remained unavailable.

Play Ransomware, also known as PlayCrypt, is a relatively new ransomware operation that began in June 2022. Previously Play Ransomware has targeted victims across various sectors, including industrial, manufacturing, technology, real estate, transportation, education, healthcare, government and others. 

The ransom demands vary depending on the size and importance of the victim organisation. Some victims have reported paying thousands or millions of dollars to get their data back.

Malwarebytes:     Bleeping Computer:     SecureWorld:   PCMag:      ABC7:    TEISS:     

You Might Also Read: 

Banning Ransomware Payments - Will It Work?:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Meta Plans A Rival To Twitter 
Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists  »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

SafeUM Communications

SafeUM Communications

SafeUM Secure Messenger is an encrypted secure communications protection mechanism for instant messaging.

Acunetix

Acunetix

Acunetix is a leading web vulnerability scanner, widely acclaimed to include the most advanced SQL injection and XSS black box scanning technology.

Cyber Security Centre - University of Hertfordshire

Cyber Security Centre - University of Hertfordshire

The Cyber Security Centre provides training, teaching and research in the fast paced topics of cyber security and digital forensics.

Cyber Risk Policies

Cyber Risk Policies

CyberRiskPolicy.com is a joint venture between the Poindexter Surety Group of companies and Gibbs Cyber Security.

Fenror7

Fenror7

Fenror7 lowers the TTD (Time To Detection) of hackers, malwares and APTs in enterprises and organizations from 300 days on average to 24 hrs or less.

Joe Security

Joe Security

Joe Security specializes in the development of automated malware analysis systems for malware detection and forensics.

Sheelds

Sheelds

Sheelds (formerly Arilou) was founded in 2012 with the mission of developing cyber-security technologies for automotive environments.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

Distributed Ledger Inc (DLI)

Distributed Ledger Inc (DLI)

Distributed Ledger is a blockchain integrator and service provider helping businesses integrate blockchain technology into their existing systems and processes.

River Loop Security

River Loop Security

River Loop Security specialize in solving complex cybersecurity challenges in the IoT and embedded devices space.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

Trapp Technology

Trapp Technology

Trapp Technology combines the very best cloud, Internet, IT managed services, and IT consulting to provide a true all-in-one IT solution for small to mid-sized businesses.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

Policy Monitor

Policy Monitor

Policy Monitor is a cyber security company founded by experts with extensive experience in operational and risk management.

KCS Group Europe

KCS Group Europe

KCS Group helps its clients to identify and deal with any risks, weaknesses and threats which could impact on the business financially or reputationally.