Yesterday, the City of Tulsa was informed the persons responsible for the May 2021 City of Tulsa ransomware attack shared 18,938 City files via the dark web mostly in the form of police records and internal department files.
Included in the data breach was Personal Identifiable Information (PII) such as name, date of birth, address and driver’s license number.
No other files are known to have been shared as of today, but out of an abundance of caution, anyone who has interacted with the City in any way where PII was shared, whether online, in-person or on paper, prior to May 2021, should take monitoring precautions.
Residents are asked to:
The City’s Incident Response Team and federal authorities are continuing to investigate the data breach and monitor any information being shared.
Following the cyber attack in May, the City’s main priority has been to restore critical resources and mission-essential functions, which include public-facing systems and internal communications and network access functions. Business recovery teams had categorized and prioritized system restoration efforts and have continued their work to restore and validate business systems within the City.
The City of Tulsa will continue to provide updates as the situation evolves. You can continue to receive updates at City of Tulsa Facebook or on our City of Tulsa Cyber Notice page.