Weeks after hitting the City of Oakland, California, the Play Ransomware is now leaking the stolen data to the public!
The first batch of dumps included 10GB worth of files containing sensitive documents, employee information, passports, and IDs. The City of Oakland has responded to this leak, saying that it’s still investigating the issue and will inform the affected people soon.
Leaking the Stolen Data of Government
Ransomware actors hitting government agencies attract a lot more attention than the regular corporate victims, as the former are guarded with certain regulatory standards, which are often missing in commercial entities. Well, hackers with advanced techniques will anyway penetrate into the network, irrespective of the nature of the organization.
In this pursuit, we see the City of Oakland, California, is the victim of Play ransomware – where the initial attack happened on February 8th. The government has taken down the systems offline to secure them – and reinstated them after a while.
Though many systems like payments, process reports, issued permits, and licenses were taken down, the 911 and emergency services weren’t impacted. Well, the City immediately intimated law enforcement and launched an investigation into the incident.
“We are working with third-party specialists and law enforcement on this issue and are actively monitoring the unauthorized third party’s claims to investigate their validity.”
As they are learning, the threat actor: Play Ransomware, has started leaking the stolen data in batches. The first dump included 10GB worth of files in RAR format, containing sensitive information like confidential documents and employee data like their passports and IDs.
This could put all the affected users at risk of impersonation and financial fraud if they’re suspicious. Well, the City said it’d inform the impacted individuals upon realizing the scope of the attack and its impact.