A hacker group claimed responsibility for a February ransomware attack on the City of Oakland and announced its intent to leak hacked data to the public.
Philadelphia cybersecurity analyst Dominic Alvieri said on Twitter Thursday that hacking group Play Ransomware claimed that it was responsible for a ransomware attack launched against the City of Oakland on Feb. 8, which affected several city services for a span of time that month.
Alvieri tweeted a screenshot obtained by cybersecurity news site Bleeping Computer, which showed that the hackers had obtained access to “private and personal confidential data, financial, gov and etc. IDs, passports, employee full info.” The screenshot also said that the data contained information allegedly proving human rights violations.
In a statement on Friday, the City of Oakland said it is aware of an impending data leak, but did not say who obtained the information.
"[The city] recently became aware that an unauthorized third party has acquired certain files from our network and intends to release the information publicly," Oakland said on its news blog Friday. “We are working with third-party specialists and law enforcement on this issue and are actively monitoring the unauthorized third party’s claims to investigate their validity.”
The City of Oakland declared a state of emergency on Feb. 14 to more quickly marshal resources to recover from the attack, which had impacted people's ability to pay parking fees and taxes online or connect by phone with several city departments.
According to cybersecurity firm Avertium, Play Ransomware is a ransomware group that began in June 2022, and has directed attacks against several other high-profile targets, including Argentina’s Judiciary of Córdoba and the German hotel chain, H-Hotels. The group's attacks have focused on targets in Latin America, India, Hungary, Spain and the Netherlands.
Alvieri and the City of Oakland did not immediately respond to requests for comment.