Man says fraudulent accounts opened, home purchased in his name after city ransomware hack

"On the credit report, there's credit cards that should've been closed, they're now open with balances of $17,000 and $30,000."

ByStephanie Sierra KGO logo
Wednesday, December 27, 2023
Oakland man says fraudulent accounts opened after ransomware attack
An Oakland man says after the city's ransomware attack multiple fraudulent purchases have been made in his name including a house.

OAKLAND, Calif. -- It's been ten months since the city of Oakland, California's network was hacked and the personal information of tens of thousands of people was leaked onto the dark web. Now, one victim says multiple accounts have been opened in his name, making fraudulent purchases, including a house.

Our sister station KGO was the first to report the city's oversight -- exposing dozens of victims who were never notified that their sensitive financial information was leaked.

"It's a living nightmare," said Oakland native Dedrick Warmack, as he anxiously checked his mailbox. "On the credit report, there's credit cards that should've been closed, they're now open with balances of $17,000 and $30,000."

VIDEO: Dozens of Oakland ransomware victims never notified SSN were leaked on dark web

Dozens of victims of Oakland ransomware hack were never notified their social security numbers were leaked on the dark web, the I-Team found.

Warmack says his identity was stolen months after the city's network was hacked.

"I have no idea how many accounts have been opened in my name," he said.

Warmack says his credit score dropped more than 200 points, but he didn't know at the time that was just the beginning.

At first, he says he started receiving strange phone calls and emails about refinancing a home. That was followed by letters he says he got from several banks notifying him of new accounts in his name.

"I knew something was going on," he said.

Warmack is one of dozens of victims who previously filed a claim with the city alleging injury, but instead, ended up with their personal and financial information leaked.

Now, he says fraudulent checks are being made in his name.

RELATED: Oakland ransomware attack: Leaked data has more than 3.1K views on dark web

"Like this water and sewage bill for $2,000," Warmack showed as he scrolled through his accounts. "This is not East Bay Mud..."

Warmack says some of the bills appear to be from New England.

"It says it's an open balance, how can I have an open balance?"

From there -- he says it only got worse.

"I'm getting notices about refinancing a home... and I'm like, I pay rent," said Warmack. "Somebody has something in my name somewhere since October, I've been getting emails from Best Buy about kitchen installations."

And to add to the stress, he says he didn't even know about it until the KGO investigative team contacted him. Now, he's scrambling to get help.

In April, KGO spoke to dozens of victims on the phone and in person, but not one person said they received any notice from the city that their personal and financial information was impacted. Some of their identities have been kept anonymous.

"It was literally reliving the worst night of my life," said one resident.

"Someone put an apartment in my name without me even knowing," another person said.

VIDEO: Oakland police union says Mayor Thao is 'stonewalling' crucial info about ransomware attack

The Oakland police union has accused Mayor Sheng Thao of stonewalling their attempts to get update on the scope of the ransomware attack.

In March, KGO asked Oakland Mayor Sheng Thao about the status of informing the thousands of people impacted by the breach, but they didn't get a straight answer at the time.

"We have notified the current employees, and not just that but we've also notified the employees that have left the city," said Thao during the March press conference.

That was ten months ago. This week, the city told KGO the notification process was completed "several months ago."

But KGO has still received complaints from residents affected who say they still haven't been notified.

In May, the mayor committed to spending an additional $10 million to upgrade and harden cyber security protections over the next two years. Documents obtained by KGO from the city administrator's office show only 30% of that goal has been spent since. This includes the rebuilding of OPD's CCTV server, which the mayor says is now fully operational.

But other concerns still linger.

"We're being poorly managed at the city of Oakland," said city council member Noel Gallo.

VIDEO: Did Oakland have right cyber insurance before the ransomware hack? Expert weighs in

On the heels of a multi-million dollar missed opportunity to fight retail theft, following 1,000 911 dispatcher applications overlooked, some city officials are concerned about another mistake, including cyber insurance.

Eight months ago, KGO consulted cybersecurity experts to weigh in on whether Oakland's current policy is sufficient enough to protect against a future ransomware attack.

Chris Hetner, a cybersecurity specialist formerly with the Securities and Exchange Commission said the answer is no.

"It seems like it's mostly covering comprehensive electronic information and security liability coverage, so that assumes it's tied to data," Hetner told the I-Team. "If I think about the disruption tied to ransomware, like shutting down systems, not being able to deliver services, it seems like this policy is not designed to meet those needs."

In a statement provided to KGO, the city says their cyber insurance policy has not changed since the incident.

It's leaving victims, like Warmack, wanting to leave the city and worried this nightmare won't end.

"If Oakland can't protect themselves, how are they going to protect our information?" he said.