The City of Oakland was hit by a ransomware attack on Wednesday night that forced it to take all systems offline until the network is secured and affected services are brought back online.
The attack has not affected core services, with the City saying that 911 dispatch and fire and emergency resources are all working as expected.
The City’s Information Technology Department (ITD) is coordinating with law enforcement to investigate the attack and working on securing and restoring impacted services.
“The Information Technology Department is coordinating with law enforcement and actively investigating the scope and severity of the issue,” the City said in a statement issued on Friday.
“Our core functions are intact. 911, financial data, and fire and emergency resources are not impacted.”
The City is also developing a response plan to address the issue according to industry best practices and will share more information as soon as it’s available.
“In the meantime, the public should expect delays from the City as a result. We are actively monitoring the situation and sending updated information as it becomes available,” the statement also reads.
In an abundance of caution, ITD has taken affected systems offline while they work to secure and restore services safely. In the meantime, the public should expect delays from the City as a result.
— City of Oakland (@Oakland) February 10, 2023
The ransomware group behind the attacks is currently unknown, and the City is yet to share any details regarding ransom demands or data theft from compromised systems.
A City of Oakland spokesperson could not provide additional details when BleepingComputer reached out for more information earlier today.
Oakland reporter Jaime Omar Yassin who broke the story on Thursday that the City of Oakland was likely hit by ransomware, also reported last year that the City’s IT department under-staffing was exposing it to ransomware attacks.
According to Emsisoft threat analyst Brett Callow, “at least 6 U.S. local governments have been impacted by ransomware already this year, with at least 4 of them having had data stolen.”
As Emsisoft shared in January, ransomware attacks have impacted more than 200 hundred larger organizations in the U.S. public sector in 2022 across government, educational, and healthcare verticals.
Compared to the year before, ransomware attacks on local governments have seen an increase from 77 to 105 incidents in 2022.
Microsoft also revealed in January that it’s tracking over 100 ransomware gangs that have deployed more than 50 unique ransomware families until the end of last year.