TULSA, Okla. — The City of Tulsa said it knows who's responsible for the ransomware attack on May 6, and federal authorities are now handling the case.
READ MORE: The City of Tulsa's ransomware attack
The city said its priority right now is to restore critical resources and mission essential functions. While they can't give an exact timeline, they expect several critical systems to come back online in the coming days.
Tulsa currently has 64 priority systems with multiple servers that are components of those systems. Mayor G.T. Bynum said it has a vast network spanning various locations, and this process has been slow-moving.
"We know who did this, and they are under federal investigation," Bynum said. "So, I can't say who they are right now, but it is reassuring to at least know who did this or who is doing this to the citizens of Tulsa."
After the city discovered the attack, the mayor said a note was sent asking Tulsa officials to contact the hackers.
The initial threat demanded money, or the hackers would announce that the city systems had been hacked. However, the city beat them to it by announcing the hack first, and the city refused to pay any ransom.
Until everything is back up and running, the city has to use many manual processes. Bynum said the best way to get hold of the city is through calling 311.
- Tulsa’s historic drive-in celebrates its 70th anniversary
- DOWNLOAD the 2 Works for You app for alerts
- U.S. government seizes protected big cats from Tiger King park
- FOLLOW 2 Works for You on Facebook
- Tulsa Police Lt. Sean Larkin retires
Stay in touch with us anytime, anywhere --