Ransomware Gang Claims Responsibility For The Attack On Oakland

Uploaded on 2023-03-10 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Play ransomware gang has taken responsibility for a cyber attack on the City of Oakland that has disrupted IT systems since February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.  Now, the Play gang has begun partially publishing data they stole. 

The criminals claim that they have taken control of documents containing private and sensitive information, financial and official records, identity documents, passports, individual employee data and other sensitive information.

On March 1, 2023, the city was listed as a victim on the gang’s extortion website, as discovered by security researcher Dominic Alvieri. These documents were stolen during the hackers’ network intrusion. They are now used as a bargaining chip to persuade the city administration to meet their demands and pay the ransom. 

The gang is also warning it has more stolen data to dump, to pressure the city to pay up to prevent more confidential information from leaking. “For now partially published compressed 10gb. If there no reaction full dump will be uploaded,” the Play gang wrote.  

Previously, Oakland's local government disclosed that it was the target of a ransomware attack on February 10th which disrupted all of its IT networks, except for emergency services.

On February 14, the city declared a state of emergency to expedite the restoration of the impacted systems and all services as soon as possible. Because the city could not accept online payments, all business taxation obligations were given a 45-day extension. Parking violation services were also affected, with cashier booths unable to accept calls or transactions. By February 20, IT specialists had assisted in the restoration of public computers, printing, scanning, wireless Internet connectivity, and library services throughout the city’s facilities, but the city’s non-emergency phone services and business tax licenses remained unavailable.

Play Ransomware, also known as PlayCrypt, is a relatively new ransomware operation that began in June 2022. Previously Play Ransomware has targeted victims across various sectors, including industrial, manufacturing, technology, real estate, transportation, education, healthcare, government and others. 

The ransom demands vary depending on the size and importance of the victim organisation. Some victims have reported paying thousands or millions of dollars to get their data back.

Malwarebytes:     Bleeping Computer:     SecureWorld:   PCMag:      ABC7:    TEISS:     

You Might Also Read: 

Banning Ransomware Payments - Will It Work?:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Meta Plans A Rival To Twitter 
Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists  »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Karlsruhe Institute of Technology (KIT)

Karlsruhe Institute of Technology (KIT)

KIT is a leading research and education institutions with strong capabilities in information systems and security.

XM Cyber

XM Cyber

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk.

AUTOCRYPT

AUTOCRYPT

AUTOCRYPT is a mobility security provider dedicated to the safety of future transportation

Debevoise & Plimpton

Debevoise & Plimpton

Debevoise & Plimpton LLP is a premier law firm with market-leading practices in areas including Data Strategy & Security.

CSIOS Corp.

CSIOS Corp.

At CSIOS we help our customers achieve and sustain information and cyberspace superiority through a full range of defensive and offensive cyberspace operations and cybersecurity consulting services.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Visory

Visory

Great businesses depend on great technology. We make sure our clients go to market with enterprise-level technology and world-class security for their data and infrastructure.

OSP Cyber Academy

OSP Cyber Academy

OSP Cyber Academy are a managed service provider of cyber, information security and data protection training.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

Veza Technologies

Veza Technologies

Veza is the authorization platform for data. Built for hybrid, multi-cloud environments, Veza enables organizations to manage and control who can and should take what action on what data.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

Vultara

Vultara

Vultara provides web-based product security risk management tools for electronics manufacturers.

Corporater

Corporater

Corporater provides organizations with integrated solutions for managing governance, performance, risk, and compliance built on a single platform.

Tototheo Global

Tototheo Global

Tototheo Global harness the power of connectivity and technology to bridge technological divides, driving progress, security, and sustainability for a seamlessly connected world.