On May 6, 2021, the city of Tulsa, Oklahoma, was hit by a ransomware attack that forced the city to shut down its network, disrupting municipal email communications and online bill payments. City-operated websites, including the Tulsa Police Department website, were also affected. The attack has been blamed on Conti, a well-known and sophisticated form of ransomware believed to have been developed by Russian hackers.
According to a press release issued by the City of Tulsa, more than 18,000 files—including thousands of Tulsa police citations—were pilfered in the May 6 cyberattack and shared on the dark web earlier this week. Police citations often contain personally identifiable information (“PII”) such as name, date of birth, residential address, and driver’s license number—but should not contain any social security numbers. The city is warning anyone who has filed a police report, received a police citation, or made a payment to the city to take appropriate precautions and monitor their accounts.
Experts warn that—while certain information may seem anodyne—criminals can still use it to tailor attacks and leverage social engineering to deceive victims through phishing emails and other scams.
This incident is a reminder that no organization—even state and municipal governments—is immune from cybercriminals and ransomware.