The City of Wichita was the victim of a ransomware attack that resulted in shutting down its network to contain the threat.
The city immediately started its incident response procedure to prevent the threat from spreading and announced an investigation into the attack. The investigation was conducted with the help of third-party security experts and also notified federal and local law enforcement authorities.
The authorities have warned that some services may be temporarily unavailable while systems are offline. It did not disclose the family of ransomware that infected its systems and the name of the extortion gang behind the attack.
LockBit ransomware gang claimed responsibility for the cyberattack on the City of Wichita, but the authorities declined to confirm. LockBit added Wichita to its website on May 7 — one day after the city disclosed the incident to the public and two days after the cyberattack occurred.
A new update provided by the City of Wichita revealed that threat actors copied certain files containing personal information from its network. Copied files included incident and traffic information and PII data.
The notice also revealed that threat actors exploited a recently disclosed vulnerability to gain access to the city’s network.
Under federal law, U.S. consumers are entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian, and TransUnion
It remains unclear what kind of ransom was demanded and whether or not the city intends to pay up or deal with the aftermath on its own. The city is reportedly still investigating the attack and whether or not any information was actually stolen.
