The LockBit ransomware gang has claimed to have stolen files from the City of Oakland’s systems. The gang threaten to leak the data in 19 days on April 10. However, the gang has yet to provide any proof of their claim. This is not the first time LockBit has made such a claim. One such claim in June 2022 proving to be false. The City of Oakland has not yet issued a statement on this new claim.
Play LockBit ransomware also claimed to have stolen data from the City of Oakland
This is not the first time the City of Oakland has been the victim of a ransomware attack. In early March, the Play ransomware gang claim to have stolen data from the City’s systems. They began leaking the data online. The City confirms employee information, including names, addresses, driver’s license numbers. Also the Social Security numbers were among the data stolen. The City declared a local state of emergency and took all its IT systems offline until the network was secured.
City of Oakland still working to restore systems
The City of Oakland has been working to restore its systems since the February ransomware attack. The City’s official website tracking the latest developments and restoration efforts was last updated on March 8. The FBI is also helping with the ongoing investigation into the incident. Oakland Mayor Sheng Thao is optimistic that the City’s systems will be online again in the next few weeks to a month.
LockBit ransomware attacks on victims within days or weeks
The City of Oakland is not the first victim of multiple ransomware attacks within days or weeks. An August 2022 report by Sophos X-Ops incident responders revealed that an automotive supplier had its systems encrypted by three different ransomware gangs within two weeks, with two of the attacks happening within two hours.
Recap
The LockBit ransomware gang has claimed to have stolen data from the City of Oakland’s systems, adding to the Play ransomware gang’s previous claim of a breach. While the City is working to restore its systems and investigate the incidents, the frequency of such ransomware attacks on victims within days or weeks is concerning. It highlights the need for increased cybersecurity measures to prevent and mitigate the impact of such attacks.
