City of Oakland posts statement on ransomware attack, as hackers begin posting data online

OAKLAND, Calif. – The City of Oakland Monday acknowledged that its servers have been hijacked by a hacker group called Play, in a cyberattack that has crippled the city’s systems and compromised private data.

The mayor declined to talk about the issue and the City Administrator’s office was dark Monday afternoon.

Instead, a message was posted on the city’s website acknowledging the ransomware attack and warning about a network outage. 

“Moving forward we will focus on strengthening the security of our information technology systems,” said Mayor Sheng Thao in the statement on the website.

The hacker group ramped up the stakes over the weekend. Online, the group posted a statement declaring they have access to personal confidential data, financial information, IDs, passports, employee information, and human rights violation information.

The website indicated the page had more than 1,130 views.

The hacker group posted a link with a password for people to download part of the stolen data and issued a threat saying, “If there (sic) no reaction full dump will be uploaded.”
Cooper Quintin, a Senior Staff Technologist with the Electronic Frontier Foundation, says the hacker group Play is not well-known, but has been flagged in the past by some cybersecurity websites that share bits of codes from various hacker groups in order help tech experts fight off attacks and improve security.

“It looks like they have ties to some pretty established ransomware groups like Conti, which was a big one as recently as last year,” said Quintin.

Quintin was able to access parts of Play’s hacker code from an online cybersecurity page.

“So this is a bespoke piece of software they’ve developed in house that they can, you know, on any computer system that they get a foothold on, they can deploy it and just instantly encrypt all the files and then send a…