Hackers have infiltrated the IT infrastructure of Oakland, forcing the San Francisco Bay area metropolis to take systems offline as it works to secure and restore services, the city government said in a notice.
For now, visitors of oaklandca.gov are greeted with a red banner saying:
“Oakland is experiencing a network outage. Several non-emergency systems including voicemail within the City of Oakland are currently impacted or offline. Thank you for your patience while we work to restore services.”
A notice posted by city officials late last week reveals Oakland was hit by a ransomware attack that began on the night of Feb. 8.
“The Information Technology Department is coordinating with law enforcement and actively investigating the scope and severity of the issue,” the notice reads.
Oakland’s core functions are intact, with the city assuring citizens that they can reliably reach out to 911, fire and emergency departments, as well as finance-centric services maintained by the city.
Five days into the attack, the city says it is developing a response plan to address the issue.
“In an abundance of caution, ITD has taken affected systems offline while they work to secure and restore services safely,” the notice continues. “In the meantime, the public should expect delays from the City as a result. We are actively monitoring the situation and sending updated information as it becomes available.”
It’s a mystery which hacking group is responsible for the attack, and it’s unclear what the hackers’ demands are.
Taking systems offline is a standard procedure in these scenarios, but this does not mean hackers hadn’t already exfiltrated sensitive data from the city’s servers. Typically, if the hackers don’t reach an agreement with their victim, they end up leaking or selling the data to fraudsters on private forums on the dark web.