City of Oakland data is leaked! PLAY Ransomware

Your daily FLASH NEWS on Cyber Security:

If you have yet to care about cybersecurity, is this the best time to do so? Recently, the PLAY Ransomware gang leaks about 12GB worth of data belonging PII information including SSN, address, employee ID, etc. Yes can confirm the validity of the leaked data, and yes thanks to my friend over at DDoSecrets I was able to get my hands on them.

Guess what City of Oakland said the culprit was. You guessed it; phishing e-mail!

PLAY Ransomware group adds .play extension after encrypting files of its victims and it adds a txt file with a single word “PLAY”. According to Trend Micro, its playbook is similar to HIVE — you can read more about it in more details here: https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html

Now with this in mind, what steps are you taking to ensure that this does not happen to your organization? It does not matter how much money you are spending on security solutions, if your employees still don’t take security awareness seriously. What would it take for people to start realizing? Security is the responsibility of all.