Furious that gobs of their personal data are now available on the dark web, some Oakland employees are suing the city in a class action lawsuit over the February ransomware attack that hobbled the city’s IT systems.
You may have wondered what happened with that ransomware attack on the city of Oakland in early February. We know that the hackers said they would release city employees’ personal data if some sort of crypto ransom demands were not met, and in early March, with no ransom paid, they put the personal information of thousands of city employees on the dark web. But there seems to be encouraging news that at least the city's IT systems are up and running again, as an update from Oaklandside this week notes that “nearly all of the city’s IT systems have been restored.”
Or maybe it’s not encouraging news, as that update comes in the context that there is now a class action lawsuit against the city of Oakland filed by angry employees whose data was compromised, according to the Bay Area News Group. That outlet notes that there are now actually the class action suit, filed in April, followed closely behind a lawsuit from the Oakland police officers’ union. The class action was filed by police services technician Hada Gonzalez, who is not a member of the union, and the union is now reportedly a party to the class action as well.
The Gonzalez suit noted that the affected employees “suffered and will continue to suffer ongoing, imminent, and impending threat of identity theft crimes, fraud and abuse, resulting in monetary loss and economic harm.”
Oaklandside notes that there’s a third suit that was filed by city construction inspector David Martinez, alleging the same; and the Oakland firefighters' union is considering their legal options as well.
The hackers reportedly accessed roughly a decade’s worth of people’s sensitive personal data, mostly city employees. That data included social security numbers and dates of birth, though in the case of police department employees, the hackers reportedly also accessed discipline records and results of internal affairs investigations.
And because these are class action suits, more city employees can join in as plaintiffs (which the attorneys would obviously love). Attorney Scott Cole told the Bay Area News Group that the plaintiff pool could be “potentially all City employees — ever — whose info was accessed and, potentially, all persons who gave information of any kind to the City.”
Related: The Oakland Ransomware Attack Files Have Been Leaked [SFist]
Image: Almonroth via Wikimedia Commons