A cybersecurity attack on the city of Tulsa’s computer system was similar to an attack on the Colonial Pipeline and that the hacker is known, officials said Thursday.
“I can’t share anything other than we know who did it,” Mayor G.T. Bynum said, adding that the city did not pay the hackers. “They wanted to talk with us about what (a ransom) would be for them not to announce (the attack) and we never engaged them.”
Bynum said Tulsa’s computer security system identified the attack and shut down the system before it was infiltrated.
The attack, discovered earlier this month, was similar to the ransomware attack that shut down the Colonial Pipeline for days, according to Tulsa Chief Information Officer Michael Dellinger.
Colonial Pipeline eventually paid a $4.4 million ransom, the Georgia-based company said.
Tulsa’s computer system remains shut down while each of the city’s computers and servers are examined and cleaned, Dellinger said. There has been no indication any data was breached, he added.
Dellinger said an investigation is underway to determine how the attacker infiltrated the system.
Bynum said city utility services, such as water, will not be disconnected until five days after the system is back online and electronic payments are possible.
Police and fire responses continue, but issues such as uploading police body cameras are slowed because of the computer shutdown.
Related: Oklahoma Pension Fund Reports $4.2 Million Cyber Theft
Related: Misconfigured Server Leaks Oklahoma Department of Securities Data
Related: Colonial Pipeline CEO Explains $4.4M Ransomware Payment