Ransomware Gang Claims Responsibility For The Attack On Oakland

Uploaded on 2023-03-10 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Play ransomware gang has taken responsibility for a cyber attack on the City of Oakland that has disrupted IT systems since February. Oakland is a city in California on the east side of the San Francisco Bay Area with a population of about 440,000.  Now, the Play gang has begun partially publishing data they stole. 

The criminals claim that they have taken control of documents containing private and sensitive information, financial and official records, identity documents, passports, individual employee data and other sensitive information.

On March 1, 2023, the city was listed as a victim on the gang’s extortion website, as discovered by security researcher Dominic Alvieri. These documents were stolen during the hackers’ network intrusion. They are now used as a bargaining chip to persuade the city administration to meet their demands and pay the ransom. 

The gang is also warning it has more stolen data to dump, to pressure the city to pay up to prevent more confidential information from leaking. “For now partially published compressed 10gb. If there no reaction full dump will be uploaded,” the Play gang wrote.  

Previously, Oakland's local government disclosed that it was the target of a ransomware attack on February 10th which disrupted all of its IT networks, except for emergency services.

On February 14, the city declared a state of emergency to expedite the restoration of the impacted systems and all services as soon as possible. Because the city could not accept online payments, all business taxation obligations were given a 45-day extension. Parking violation services were also affected, with cashier booths unable to accept calls or transactions. By February 20, IT specialists had assisted in the restoration of public computers, printing, scanning, wireless Internet connectivity, and library services throughout the city’s facilities, but the city’s non-emergency phone services and business tax licenses remained unavailable.

Play Ransomware, also known as PlayCrypt, is a relatively new ransomware operation that began in June 2022. Previously Play Ransomware has targeted victims across various sectors, including industrial, manufacturing, technology, real estate, transportation, education, healthcare, government and others. 

The ransom demands vary depending on the size and importance of the victim organisation. Some victims have reported paying thousands or millions of dollars to get their data back.

Malwarebytes:     Bleeping Computer:     SecureWorld:   PCMag:      ABC7:    TEISS:     

You Might Also Read: 

Banning Ransomware Payments - Will It Work?:

__________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Meta Plans A Rival To Twitter 
Cybersecurity Is No Longer The Sole Responsibility Of IT Specialists  »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CrowdStrike

CrowdStrike

CrowdStrike is a global provider of security technology and services focused on identifying advanced threats and targeted attacks.

Black Duck Software

Black Duck Software

Black Duck Hub allows organizations to manage open source code security as well as license compliance risks.

OneVisage

OneVisage

Our award-winning 3DAuth digital identity platform turns any consumer mobile device into a real-time 3D facial scanner that securely authenticates the user in seconds.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Ockam

Ockam

Ockam gives you the tools you need to establish an architecture for trust within your connected device applications.

Cyan Securiy Group

Cyan Securiy Group

Cyan provide best-in-class cyber security solutions for mobile Internet and mobile devices that are extremely effective and highly intuitive in their use.

Kentik

Kentik

Kentik - one platform for Network Visibility, Performance, and Security.

JM Search

JM Search

JM Search’s Information Technology Executives Practice sources the most sought-after technology roles including CIO, CTO, CISO, CDO and other senior posts.

SecureThings

SecureThings

SecureThings focus is to provide guidance and technology to secure connected vehicles in order to build end-to-end security for the automotive industry.

Binare

Binare

Binare empowers companies all over the world to improve their IIot/IoT /Embedded cybersecurity posture and digital privacy.

Enea

Enea

Enea is one of the world’s leading specialists in software for telecommunications and cybersecurity. Our products are used to enable services for mobile subscribers, enterprise customers and IoT.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

VMware

VMware

VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control.

Codenotary

Codenotary

Codenotary provide a comprehensive suite of verification and enforcement services to guarantee the integrity of your software throughout its entire lifecycle.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.