Tulsa Officials Warn Ransomware Attackers Leaked City Files

The group behind the May 2021 attack has shared more than 18,000 files via the Dark Web, mostly internal department files and police citations.

Dark Reading Staff, Dark Reading

June 25, 2021

1 Min Read
Dark Reading logo in a gray background | Dark Reading

The attackers behind a May 2021 ransomware campaign against the city of Tulsa, Okla., have shared more than 18,000 city files via the Dark Web, officials reported this week.

Most of the files leaked were police citations and internal department files, officials wrote in a release, noting that police citations contain some personally identifiable information (PII) such as name, birth date, address, and driver's license number. Citations don't include Social Security numbers, they noted.

So far, no other files are known to have been shared, but officials are warning anyone who has filed a police report, received a police citation, made a payment to the city of Tulsa, or shared PII with the city online, in person, or on paper before May 2021 to take monitoring precautions.

These residents are asked to monitor their financial accounts and credit reports, request fraud alerts from their credit and debit card providers, change passwords to their personal accounts, and take additional authentication measures for their personal accounts and applications.

Tulsa's incident response team and federal authorities are still investigating the attack and are monitoring for any information being shared.

Read the full release for more information.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights