Today, the City of Tulsa was made aware the persons responsible for the May 2021 City of Tulsa ransomware attack shared more than 18,000 City files via the dark web mostly in the form of police citations and internal department files. Police citations contain some Personal Identifiable Information (PII) such as name, date of birth, address and driver’s license number. Police citations do not include social security numbers.
No other files are known to have been shared as of today, but out of an abundance of caution, anyone who has filed a police report, received a police citation, made a payment with the City, or interacted with the City in any way where PII was shared, whether online, in-person or on paper, prior to May 2021, is being asked to take monitoring precautions.
Residents are asked to:
For additional information on how to protect your privacy, visit the Oklahoma Department of Consumer Credit website.
The City’s Incident Response Team and federal authorities are continuing to investigate the data breach and monitor any information being shared.
Following the cyber attack in May, the City’s main priority has been to restore critical resources and mission-essential functions, which include public-facing systems and internal communications and network access functions, as PII had not been shared. Business recovery teams had categorized and prioritized system restoration efforts and have continued their work to restore and validate business systems within the City.
The City of Tulsa will continue to provide updates as the situation evolves. You can continue to receive updates at City of Tulsa Facebook or on the City’s website, www.cityoftulsa.org