Oakland ransomware attackers leak ‘confidential’ data
LATEST March 3, 5:30 p.m. Play Ransomware, the hacker group claiming responsibility for a ransomware attack on Oakland in February, has published confidential data, Emsisoft threat analyst Brett Callow confirmed to SFGATE, though the contents have yet to be confirmed by SFGATE. The group claims the leak contains 10 gigabytes of compressed data.
The city of Oakland declined to provide comment to SFGATE about the attack, instead referring back to its statement published earlier Friday.
March 3, noon Weeks after Oakland confirmed that it fell victim to ransomware, the alleged attackers have come out to claim the cyberattack — and detailed the extent of their purported conquest.
As first noted by Philadelphia cybersecurity analyst Dominic Alvieri, the hacker group Play Ransomware claims that it was responsible for the attack on Oakland, which rendered many city services inoperable for a stretch of time in February.
The possible extent of the leak is troubling: According to a screenshot first obtained by cybersecurity news site and forum Bleeping Computer, the group obtained access to “private and personal confidential data, financial, gov and etc. IDs, passports, employee full info.”
“The claim appears official and data should be leaked within about two hours I believe,” Alvieri told SFGATE in a Twitter message, adding that the estimate comes from prior “claim post timelines.”
The city of Oakland appears aware of an impending leak, but did not identify the group or confirm the validity of its claims.
“While the investigation into the scope of the incident impacting the City of Oakland remains ongoing, we recently became aware that an unauthorized third party has acquired certain files from our network and intends to release the information publicly,” the city said on its news page Friday. “We are working with third-party specialists and law enforcement on this issue and are actively monitoring the unauthorized third party’s claims to investigate their validity.”
It is unclear whether the city will negotiate with or pay the group. The city also did not…
