Another ransomware operation, the LockBit gang, now threatens to leak what it describes as recordsdata stolen from the City of Oakland’s programs.
However, the gang has but to publish any proof that they’ve stolen any recordsdata from the West Coast port metropolis’s community.
On the brand new entry added to the LockBit darkish internet information leak web site, they’re solely warning that every one the information they’ve will probably be revealed in 19 days, on April 10.
LockBit has beforehand made claims which have confirmed to be false on a minimum of one event.
In June 2022, the ransomware group stated it hacked Mandiant’s programs and stole a whole lot of 1000’s of recordsdata, which proved to be a publicity stunt after publishing a press release saying it had no ties with the Evil Corp cybercrime gang as a substitute of leaking any stolen information.
The City of Oakland is but to concern a press release relating to the claims made by the LockBit ransomware gang.
This is the second ransomware gang claiming to have stolen information from the City of Oakland after Play ransomware took duty in early March for a mid-February cyberattack.
The Play gang later started leaking what it claimed to be the City of Oakland’s stolen information as 10GB multi-part RAR archives containing confidential paperwork, worker data, passports, and IDs.
Employees’ private data leaked on-line
The City issued a assertion the day after the assault was claimed by the Play ransomware gang, confirming an investigation into what was leaked on-line and started sending information breach notification letters to affected people on March 15.
“On February 8, 2023, the City of Oakland experienced a cybersecurity incident involving malware, which encrypted some of our systems,” the City of Oakland stated within the letters despatched to affected workers.
“Through the investigation, the City determined that between February 6, 2023 and February 9, 2023, an unauthorized actor accessed and/or took certain files stored on City computer servers.”
Impacted workers have been informed that a few of their private data was stolen from the City’s compromised programs, together with names, addresses, driver’s license numbers, and Social Security numbers.
The City of Oakland additionally declared an area state of emergency on the identical day due to the influence of the ransomware assault that pressured it to take all its IT programs offline on February 8 till the community was secured.
While this ransomware assault didn’t influence the City’s 911 and emergency companies, different programs needed to be taken offline, together with cellphone service and programs used to course of reviews, acquire funds, and concern permits and licenses.
City programs will probably be on-line subsequent month
A web page on the City’s official web site monitoring the most recent developments and efforts to revive companies after the February ransomware assault was final up to date nearly two weeks in the past, on March 8.
In a press convention on Monday, Oakland Mayor Sheng Thao stated the City continues to be engaged on restoring affected programs and that the FBI can be serving to with the continued investigation into the incident.
When requested when all of the City’s programs can be on-line once more, Thao stated, “we are optimistic we can get there in the next few weeks, or maybe the next month.”
The City of Oakland would not be the primary ransomware sufferer breached a number of instances inside days or perhaps weeks.
As Sophos X-Ops incident responders revealed in an August 2022 report, an automotive provider had its programs encrypted by three totally different ransomware gangs inside two weeks, two of the assaults taking place inside simply two hours.