A cybersecurity attack on the city of Tulsa's computer system was similar to an attack on the Colonial Pipeline, officials said Thursday. The hacker is known, the AP reports. "I can't share anything other than we know who did it," Mayor G.T. Bynum said, adding that the city did not pay the hackers. "They wanted to talk with us about what (a ransom) would be for them not to announce (the attack), and we never engaged them." Bynum said Tulsa's computer security system identified the attack and shut down the system before it was infiltrated. The attack, discovered earlier this month, was similar to the ransomware attack that shut down the Colonial Pipeline for days, said Michael Dellinger, Tulsa's chief information officer. Colonial Pipeline eventually paid a $4.4 million ransom, the Georgia-based company said.
Tulsa's computer system remains shut down while each of the city's computers and servers are examined and cleaned, Dellinger said. There has been no indication that any data was breached, he added. Dellinger said an investigation is underway to determine how the attacker infiltrated the system. The mayor said that city utility services, such as water, will not be disconnected until five days after the system is back online, and that electronic payments are possible. Police and fire responses continue, but tasks such as uploading police body cameras are slowed because of the computer shutdown. (Colonial Pipeline's attackers say they've shut down operations.)