The city of Oakland continues to deal with a ransomware crisis that began one month ago. (City of Oakland)
OAKLAND — Another large trove of sensitive data stolen from the city’s internal network has been dumped onto the internet, exposing even more sensitive personal information of current and former city workers, as well as residents.
City officials confirmed Tuesday that the same “unauthorized third party” hacker group behind the February attack was responsible for the latest release.
Sources who viewed a link to download the data on the dark web — a layered version of the internet not searchable on the web — told this news organization that the dump amounted to around 600 gigabytes.
It is a far larger haul than the nearly 10 gigabytes that were dropped last month, immediately plunging Oakland’s workers and residents into high alert for fraud and other breaches of their personal information.
The large data dump supports what experts had spent the past month suggesting: that the first round of data exposure was the hackers’ way of extorting money from the city by signaling that they meant business.
“We are working with third-party specialists and law enforcement to investigate and we will continue conducting a thorough review of the involved files,” city spokesperson Jean Walsh said in an email.
The full extent of the data contained in the massive bundle of files is not yet clear. Walsh said the city has begun “notifying individuals whose information was involved in this incident, and will continue to do so in accordance with applicable law.”
The ransomware gang Play has claimed responsibility for the attack, which has led to a flurry of connectivity issues in the city’s phone and internet systems.
More damagingly, thousands of current and former city employees have had their medical information, home addresses and social security numbers exposed on the dark web, which anyone can access with the proper software.
The city acknowledged Tuesday that the hack also affected a “limited subset” of residents who aren’t employees, such as those who filed a legal claim against the city or applied for certain federal programs through Oakland’s public services.
The city has opened a call center — open between 8 a.m. to 5 p.m. on weekdays — that can be reached at 866-869-1861.
The aftermath of the attack has left numerous workers frustrated. This week, Oakland’s police officers union made good on its earlier threat to file a legal claim against the city seeking damages.
“As a result of the city’s conduct, the (union) members have suffered, and are at an
increased risk of suffering, economic harm and identify theft,” states the union claim, noting how the city was twice warned of being vulnerable to a ransomware attack.
Barry Donelan, president of the Oakland Police Officers’ Association, said in an interview last week that several union members had already seen their credit information breached by fraudsters.
“I’ve had an officer try to freeze his credit and someone got there ahead of him and put their name on his credit first,” Donelan said, adding that his worst fear is “a year, two years from now, a young person tries to buy a home and their credit is shot.”
The city, for its part, maintains it has communicated with affected employees “every step of the way.” Mayor Sheng Thao hasn’t responded to multiple requests for comment on the ongoing ransomware fiasco.
“We remain committed to protecting the data we maintain, and regret any inconvenience or concern this incident caused our community,” Walsh, the city spokesperson, said in Tuesday’s statement. “We will continue to provide pertinent updates and thank our community for their continued support.”
Originally published at Shomik Mukherjee