Officials at the City of Oakland, California, have dismissed claims that the city was impacted by a separate LockBit ransomware attack following a Play ransomware intrusion that prompted a weeks-long disruption of the city's systems, according to The Record, a news site by cybersecurity firm Recorded Future.
Oakland was added to LockBit's data leak site on Tuesday but did not include any evidence of the attack.
"Based on the investigation so far, we have no indication there was additional unauthorized access of our systems. We will continue to provide updates as appropriate," said a city spokesperson.
Both Emsisoft ransomware expert Brett Callow and Recorded Future Senior Security Architect Allan Liska noted that an affiliate working for both LockBit and Play ransomware could have performed the intrusions.
"It wouldn't be the first time something like this had happened. But this is only one of many possibilities including that LockBits claim is completely bogus," said Callow.
Officials at the City of Augusta, Georgia, have been noted by Mayor Garnett Johnson to have not communicated with the BlackByte ransomware operation that took credit for a cyberattack against the city that commenced on May 21, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks exploiting a zero-day in the MOVEit Transfer file transfer app to compromise various servers and facilitate data exfiltration efforts have been admitted by the Clop ransomware operation, also known as Lace Tempest, TA505, and FIN11, after the intrusions have been attributed to the group by Microsoft, reports BleepingComputer.