Tulsa residents personal information shared on dark web following ransomware attack

Tulsa city officials on Wednesday said that hackers responsible for a ransomware attack last month are now sharing residents’ personal information online.

Over 18,000 city files, including police reports and police department information, have been shared on the dark web, Tulsa’s chief information officer Michael Dellinger told The Associated Press.

“While we’re still investigating, some of the files contained personally identifiable information, such as name, date of birth, address and driver’s license (numbers),” he said.

Dellinger added that residents’ social security numbers were not included in police reports.

The hackers responsible for the ransomware attack, which involves malicious software that places a lock on computer data until a ransom is paid, reportedly sent city officials a letter requesting that a payment be negotiated.

“We chose not to do this,” Dellinger told the AP.

People who have filed a police report have been advised by city officials to monitor their accounts for activity as well as contact their credit and debit card companies to update their passwords, the news outlet noted.

The city identified the ransomware on May 6 and said initially that no personal data was accessed in the attack.

Dellinger said that restoring the city’s core computer systems could take up to two months.

“As part of the restoration effort, the city has implemented additional security measures and increased monitoring to further protect citizens’ data from future attacks,” he said, according to the AP.