Pierluigi Paganini
May 06, 2024
The City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat.
The security breach took place on May 5th, 2024, and immediately started its incident response procedure to prevent the threat from spreading.
The City is investigating and containing the incident with the help of third-party security experts and federal and local law enforcement authorities.
“We regret to report that certain online City services may be unavailable as we thoroughly review and assess an incident that affected some of our computer systems. As part of this assessment, we turned off our computer network.” reads the security breach notification. “This decision was not made lightly but was necessary to ensure that systems are securely vetted before returning to service.”
The City warns that some services may be temporarily unavailable while systems are offline.
City of Wichita is still investigating the scope of the incident and has yet to determine if the company has suffered a data breach.
The City hasn’t disclosed the family of ransomware that infected its systems and the name of the extortion gang behind the attack.
“We are working with specialists to thoroughly review and assess systems before putting them back online. Systems will be restored on a staggered basis to minimize disruptions. We do not have a definitive timeline for returning all systems to production.” the city noted.
“This [the name of the group that is claiming responsibility for the attack] is not being shared for operational security purposes.” states the report.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, City of Wichita)
