The City of Oakland today announced it has completed its review of information released following the February 8 ransomware incident and laid out the next steps for the recovery and stronger systems going forward.
“This ransomware attack has caused major challenges for our City and I want to thank our residents for their patience. Our dedicated team have worked extremely hard to investigate this incident, recover systems and data, and provide support for those affected, and I thank them for their work,” said Mayor Sheng Thao. “For too long, this critical infrastructure was neglected and we have a great deal of work to do. Working with the City Council, we have secured $10 million in funds so that we can strengthen our information systems and make them more resilient in the future.”
On February 8, 2023, the City of Oakland identified a ransomware incident affecting its network. Upon detecting the incident the City took immediate action to secure its network, taking systems offline, notifying law enforcement, and initiating an investigation with the help of a third-party forensic firm.
Information obtained during the incident was released publicly in March and April of this year. Today, the City announced it has now completed its thorough review of those files and has identified individuals who may have been impacted. No further data has been released since April of 2023.
The two releases of information included the personal information of City employees, some individuals who filed claims in the City, some City interns and job applicants, and some dependents of City employees. The City is providing all affected individuals with a complimentary membership to identity theft protection services. Individuals are also encouraged to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity. If individuals see unauthorized charges or activity, please contact the financial institution immediately.
- Individuals with questions about Experian IdentityWorksSM or how to sign up for this service can contact Experian’s customer care team at (877) 288-8057.
- Individuals with questions about the incident are encouraged to contact the external call center at (866) 869-1861, Monday through Friday, 8:00 a.m. to 5:00 p.m., Pacific Time.
Today, the City also announced that as of May, 2023 all City systems and operations have been fully recovered and that efforts are well underway to strengthen city information security against any future attacks. Those efforts include:
- Updated information security & operations policies and security monitoring
- Data center and IT infrastructure modernization
- Hiring additional IT security & infrastructure staff
- And continuing upgrades to enhance public safety systems
These improvements will be made possible, in part, by a $10 million investment in information technology and staffing proposed by Mayor Sheng Thao and approved by the City Council earlier this year. That funding, over the next two years, will help Oakland be more resilient and less vulnerable to future attacks.
Substitute notice for affected individuals has also been posted online here.