
Cyber Incident Victim: Oklahoma

Date: Mar 2015

Location: United States of America

Summary

A hacker known as Bitcoin Baron breached a municipal government system in Oklahoma, planting malware and claiming access to sensitive files before demanding a ransom of 100 bitcoins to prevent exposure. The attacker cited retaliation against the city’s defense of two police officers involved in a local case as motivation, while also disrupting the municipality’s website to prolong downtime. The compromised data reportedly included personnel information but excluded citizens’ records according to the hacker’s later statements.


Description

On March 15, 2015, an individual using the alias "Bitcoin Baron" publicly claimed responsibility for a cyberattack targeting the City of Moore, Oklahoma. The attacker stated they had successfully infiltrated the city's systems, planted a virus, and exfiltrated sensitive files described as "quite interesting" and likely unwanted by the city. Bitcoin Baron explicitly linked the attack to the city's defense of two police officers involved in the Warren Theatre case, though no further details about that case were provided in available sources. The attacker demanded a ransom of 100 bitcoins—approximately $24,000 USD at the time—in exchange for protecting the compromised data. Concurrently, Bitcoin Baron claimed responsibility for disabling the city's official website (cityofmoore.com), providing a screenshot via Twitter as evidence of the outage that persisted for at least 10 hours during the initial disclosure period.

The attacker later clarified to DataBreaches.net that the compromised data consisted exclusively of personnel information, explicitly stating that no citizen records were accessed. No specific details about the personnel files—such as quantity, departments affected, or data types—were disclosed in available reports. The city's website remained inaccessible during initial media inquiries, preventing official confirmation or response. Publicly available information did not document any subsequent ransom payment, data release, or containment actions by the city. The incident's full scope, including forensic details about the intrusion vector, virus functionality, or duration of system compromise, remained unverified due to the absence of official statements from Moore authorities in the examined sources.
