Officials in Tulsa, Oklahoma, are warning residents their personal information may have been leaked to the dark web following a ransomware attack on the city last month.
The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files, officials said in a press release.
The documents could contain personal information, including a person’s name, date of birth, address and driver’s license number.
The city asked anyone who filed a police report, received a police citation, made a payment with the city, or shared personal info with the city prior to May to take precautions.
Officials recommended residents monitor financial accounts and credit reports, get credit card companies to issue a fraud alert and change passwords on personal accounts.
The city revealed last month that its computer system fell victim to a cyberattack, leading officials to shut down the city’s online services to solve the problem.
Tulsa Mayor G.T. Bynum has said the attackers asked for a ransom after the city discovered the cyberattack, but the city refused to pay, CNN affiliate KJRH reported.
City officials said last month the cyberattack on Tulsa’s system was similar to the one that crippled the Colonial Pipeline, according to CNN affiliate KTUL.
The April attack on the pipeline forced a temporary shutdown of the company’s operations, causing massive gasoline disruptions in the southeast US.
Colonial Pipeline paid $4.4 million in ransom to the hackers, CEO Joseph Blount said last month, telling the Wall Street Journal, “It was the right thing to do for the country.”
Earlier this month, the Justice Department seized about $2.3 million in Bitcoins paid to individuals investigators said were responsible for the Colonial Pipeline attack. The individuals were in a criminal hacking group known as DarkSide. The FBI said it has been investigating DarkSide, which is said to share its malware tools with other criminal hackers, for over a year.
The ransom recovery, which is rare, was the first seizure undertaken by the recently created DOJ digital extortion taskforce.
Tulsa’s Incident Response Team and federal authorities are investigating the data breach and monitoring information being shared, Tulsa officials said.