One of the biggest cities in the US by population size, the City of Tulsa, was victim of a ransomware attack that affected its government’s network and forced the shutdown of official websites over the weekend.
Shortly after the attack, that took place Friday night, the city issued a statement to inform that no customer information has been comprised in the security breach.
The City’s IT and security staff have shut down impacted internal systems to avoid the spreading of the threat. Emergency services such as 911 and the city’s public safety response will continue to operate normally.
“According to the Tulsa Police Department (TPD), 911 is operational and Tulsa’s public safety response is continuing as normal.” reported the Krmg website.
“As for utility billing, Tulsa police say new account registration is currently unavailable. Tulsans can make a payment on their account and view their bill as a guest as long as they have their new account number and customer ID, plus the name on their account exactly as it appears on their bill.”
The City of Tulsa reported the incident to the authorities and is investigating the infection with the help of external security experts.
The impact is believed to have impacted a small portion of the infrastructure, and internal experts are attempting to recover impacted systems from backups.
Unfortunately, ransomware attacks against cities in the US are very frequent and in many cases the victims opted to pay the ransomware to restore the operations.
The intensification of ransomware attacks against US cities led the US Conference of Mayors to call on local officials to stop paying the ransom.
(SecurityAffairs – hacking, City of Tulsa)