DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Oakland remains behind an 8-ball in responding to ransomware attack

Posted on April 7, 2023 by Dissent

Sarah Ravani reports:

Oakland’s police union filed a claim against the city after a ransomware attack released personal information for thousands of current and former city employees, union officials said Monday.

The legal filing, which asks for monetary damages of up to $25,000 per affected employee, argues that the city failed to implement “reasonable, industry-standard security protocols for its information systems,” and as a result, employees’ personal information was released.

The filing comes nearly two months after the city reported a ransomware attack by a hacker group that released 12 years of city employee rosters, including a list of thousands of current and past employees’ Social Security numbers, driver’s license numbers, birth dates and home addresses.

$25,000 per employee? Perhaps they want to make a point with the complaint or are just angry that they found out more from the media than they did from their employer, but $25,000 is nothing like what would ever be awarded in a settlement or jury result.

Read more at SF Chronicle. The Play ransomware gang claimed the attack on Oakland, but we also saw LockBit post Oakland on their leak site. The city subsequently denied that there had been a second attack.

They have not denied that there has been a second massive data leak by Play, however.  Oakland’s situation is one to note. The mayor has admitted that the city has absolutely no idea what data the threat actors exfiltrated, and they don’t know until the data are leaked. So far, Play has leaked two dumps. Do they have any more data? How long will Oakland have to watch to determine if there are more people they will have to notify? If Play has more data and strings out the leaks, Oakland could be dealing with rolling notifications and updates.

In her TV interview, Mayor Sheng Thao asserted, “It is illegal for people to actually go and actually download things from the dark web.”  Once again, a politician proudly flaunts their ignorance of the law. It is not illegal to go to the dark web. It is publicly available. It is also not illegal to download many things from the dark web. However, downloading copyrighted material without permission of the copyright holder or downloading child pornography would be illegal in the U.S.

 

Related posts:

  • Has Oakland been hit with a second ransomware attack? (1)
  • MI: Oakland Family Services security breached, 16K clients affected
Category: Government SectorMalwareU.S.

Post navigation

← Hackers leak 16,000 Tas documents on dark web
Tesla workers shared sensitive images recorded by customer cars →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.