Tulsa Officials Warn Ransomware Attackers Leaked City Files

The attackers behind a May 2021 ransomware campaign against the city of Tulsa, Okla., have shared more than 18,000 city files via the Dark Web, officials reported this week.

Most of the files leaked were police citations and internal department files, officials wrote in a release, noting that police citations contain some personally identifiable information (PII) such as name, birth date, address, and driver's license number. Citations don't include Social Security numbers, they noted.

So far, no other files are known to have been shared, but officials are warning anyone who has filed a police report, received a police citation, made a payment to the city of Tulsa, or shared PII with the city online, in person, or on paper before May 2021 to take monitoring precautions.

These residents are asked to monitor their financial accounts and credit reports, request fraud alerts from their credit and debit card providers, change passwords to their personal accounts, and take additional authentication measures for their personal accounts and applications.

Tulsa's incident response team and federal authorities are still investigating the attack and are monitoring for any information being shared.

Read the full release for more information.