On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack<\/a> and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent the threat from spreading and announced an investigation into the attack.<\/p>\n\n\n\n
\u201cWe regret to report that certain online City services may be unavailable as we thoroughly review and assess an incident that affected some of our computer systems. As part of this assessment, we turned off our computer network.\u201d reads the initial\u00a0security breach notification<\/strong><\/a>. \u201cThis decision was not made lightly but was necessary to ensure that systems are securely vetted before returning to service.\u201d<\/em><\/p>\n\n\n\n
However, the LockBit<\/a> ransomware gang claimed responsibility for the cyberattack<\/strong><\/a> on the City of Wichita.<\/p>\n\n\n\n
Copied files included incident and traffic information.
“As part of our thorough review and assessment of this matter, we identified that certain files were copied from our computer network without permission between May 3 and 4, 2024. These files contained law enforcement incident and traffic information, which include names, Social Security numbers, driver\u2019s license or state identification card numbers, and payment card information.” reads the Notice of Data Event<\/a> updated on May 14, 2024. <\/p>\n\n\n\n
Follow me on Twitter: @securityaffairs<\/strong><\/a> and Facebook<\/strong><\/a> and Mastodon<\/a><\/p>\n\n\n\n
Pierluigi Paganini<\/strong><\/a><\/p>\n\n\n\n
(<\/strong>SecurityAffairs<\/strong><\/a> \u2013<\/strong> hacking, Kimsuky)<\/strong><\/p>\n\n\n\n