The Kansas City Area Transportation Authority (KCATA) has suffered a ransomware attack on January 23. 2024.
The Kansas City Area Transportation Authority (KCATA) is a public transit agency in metropolitan Kansas City. It has disclosed the attack on January 24 and immediately launched an investigation into the incident and notified appropriate authorities. The company hired external experts to restore impacted systems.
The KCATA states that the incident is not affecting its services, including fixed-route buses, as well as the Freedom and Freedom-On-Demand paratransit services.
“The main customer impact is the inability to make calls to regional RideKC call centers, including any KCATA landline.” continues the notice. “KCATA is working around the clock with our outside cyber professionals and will have systems back up and running as soon as possible”
KCATA did not disclose specific information about the attack, including details about the ransomware family that compromised its systems or whether a data breach occurred.
The Medusa ransomware gang claimed responsibility for the attack against KCATA. It added the company to its Tor leak site and published samples of the alleged stolen data as proof of the data breach.
Medusa threatens to release the stolen data unless the company pays a $2 million ransom. It also offers the victims the option to extend the deadline by paying $100,000/day.
