City Officials Say No Data Leaked In Cyber Attack

A spokesperson says an investigation into the hacking of Tulsa's city website has concluded.

The city's network was attacked sometime around September 12th, and city web sites went down for weeks. Some of them have yet to return.

It was first reported that some sensitive information could have leaked in the attack. The city sent out mailers to anyone who could have had their personal information stolen.

A spokesperson now says that wasn't the case. City officials say a third-party audit was done to further secure and protect city computer systems. They got confirmation from that firm that no personal information was accessed.

"Based on the best information we had available at the time, and in order to comply with state notification laws and perform due diligence, the City notified individuals whose information was potentially accessed, as a precaution," a city press release states.

City manager Jim Twombly said the city is dedicated to the security and protection of employees and citizens.

"We had to treat this like a cyber-attack because every indication initially pointed to an attack," he said.

The city sent approximately 90,000 letters to inform those who may have been affected. "We did spend about $20,000 on a mass mailing in order to notify those who were potentially impacted. Again, our first priority, based on the information we had, was to notify and help protect those individuals," Twombly said.

The mayor is asking IT department leaders to consider budget changes recommended by audit firm KPMG.