Hackers about to sell the personal data gathered in recent Oakland’s ransomware attack
Oakland, California – In a troubling development stemming from the ransomware attack on the City of Oakland, victims are now reporting that their credit card information has been compromised and, in some cases, their identities have been stolen.
The breach, which occurred 12 days ago, has resulted in stolen personal and financial files being leaked onto the dark web by the ransomware group “Play,” with over 3,100 views as of Thursday evening. As the affected consumers struggle to recover from this ordeal, the city has set up a phone number, 866-869-1861, for them to access resources and assistance.
This situation highlights the dangers and far-reaching consequences of cyberattacks and underscores the need for increased vigilance and robust security measures in today’s interconnected world.
“Currently, there are 40 different victim profiles active on the site,” said James Aurand, the counterintelligence lead with Binary Defense.
Aurand says 18 of those victim profiles appear to be from Oakland – about 10 GB of data.
“A lot of the victim profiles actually have data that has been leaked,” said Aurand. “A couple of them are new victims that have been posted.”
Aurand noted that victims of the ransomware attack on the City of Oakland can see a countdown timer on the dark website, which indicates how much time they have left before their data is released or made public on the site. Access to the data requires a password provided by the attackers.
We have learned that the city has enlisted the services of a security awareness company called KnowBe4, based in Florida, to help prevent future phishing attacks. However, it may take up to a year before the protocols being implemented have any significant impact.
Great to hear that the City of Oakland is taking action to improve their security measures. Upgrading their Microsoft 365 services with enhanced security controls such as multi-factor authentication and compromised account detection is a positive step towards preventing future attacks. It’s always important for organizations to prioritize cybersecurity and continuously improve their defenses against potential threats.
KnowBe4 is conducting simulations to determine the percentage of Oakland city employees who are at risk of falling victim to phishing scam emails, which is believed to be one of the ways the ransomware group Play may have hacked into the city’s network. According to McQuiggan, the results show that currently one in every three employees may be vulnerable to such attacks.
Security experts who have analyzed “Play” suggest that the ransomware group might hold on to the stolen data or sell it after six months to a year. This serves as a warning for those at risk to remain vigilant at all times.