Ransomware Gang Claims Responsibility For The Attack On Oakland

Uploaded on 2023-03-10 in TECHNOLOGY--Hackers, NEWS-News Analysis, FREE TO VIEW

The Play ransomware gang has taken responsibility for a cyber attack on the City of Oakland that has disrupted IT systems since February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.  Now, the Play gang has begun partially publishing data they stole. 

The criminals claim that they have taken control of documents containing private and sensitive information, financial and official records, identity documents, passports, individual employee data and other sensitive information.

On March 1, 2023, the city was listed as a victim on the gang’s extortion website, as discovered by security researcher Dominic Alvieri. These documents were stolen during the hackers’ network intrusion. They are now used as a bargaining chip to persuade the city administration to meet their demands and pay the ransom. 

The gang is also warning it has more stolen data to dump, to pressure the city to pay up to prevent more confidential information from leaking. “For now partially published compressed 10gb. If there no reaction full dump will be uploaded,” the Play gang wrote.  

Previously, Oakland's local government disclosed that it was the target of a ransomware attack on February 10th which disrupted all of its IT networks, except for emergency services.

On February 14, the city declared a state of emergency to expedite the restoration of the impacted systems and all services as soon as possible. Because the city could not accept online payments, all business taxation obligations were given a 45-day extension. Parking violation services were also affected, with cashier booths unable to accept calls or transactions. By February 20, IT specialists had assisted in the restoration of public computers, printing, scanning, wireless Internet connectivity, and library services throughout the city’s facilities, but the city’s non-emergency phone services and business tax licenses remained unavailable.

Play Ransomware, also known as PlayCrypt, is a relatively new ransomware operation that began in June 2022. Previously Play Ransomware has targeted victims across various sectors, including industrial, manufacturing, technology, real estate, transportation, education, healthcare, government and others. 

The ransom demands vary depending on the size and importance of the victim organisation. Some victims have reported paying thousands or millions of dollars to get their data back.

Malwarebytes:     Bleeping Computer:     SecureWorld:   PCMag:      ABC7:    TEISS:     

You Might Also Read: 

Banning Ransomware Payments - Will It Work?:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Meta Plans A Rival To Twitter 
Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Insta Secrays

Insta Secrays

Secrays is a consulting firm providing information security, privacy and compliance services.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Averon

Averon

Averon's technology is the new gold standard for digital identity - the easiest, fastest and most secure verification solution for users on both WiFi and LTE.

Qubitekk

Qubitekk

Qubitekk has developed quantum cryptography solutions for the machine-to-machine (M2M) communications market.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

Cybercrime Investigation & Coordinating Center (CICC)

Cybercrime Investigation & Coordinating Center (CICC)

The Cybercrime Investigation and Coordinating Center (CICC) is an attached agency of the Philippines Department of Information and Communications Technology (DICT).

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

BlueKrypt

BlueKrypt

BlueKrypt is a consulting firm for the security of IT systems and their management.

Hexnode MDM

Hexnode MDM

Hexnode MDM is an award winning Enterprise Mobility Management vendor which helps businesses to secure and manage BYOD, COPE, apps and content.

Ziroh Labs

Ziroh Labs

Ziroh Labs leverages advanced cryptography to keep your highly sensitive, private data safe throughout the lifecycle of data.

Gigacycle

Gigacycle

Gigacycle is one of the leading IT disposal and recycling providers in the UK. We specialise in IT asset disposal (ITAD) and data destruction.

Cyber Threat Defense (CT Defense)

Cyber Threat Defense (CT Defense)

CT Defense specialize in penetration testing and security assessments.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

Institute for Security and Technology (IST)

Institute for Security and Technology (IST)

The Institute for Security and Technology's goal is to provide the tools and insights needed for companies and governments to outpace emerging global security threats.

Enginsight

Enginsight

Enginsight provides a comprehensive solution for monitoring and securing your servers and clients.