Wichita

The City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack.

Wichita is the largest city in Kansas, with a population of 400,000 people, ranking it among the top 50 largest cities in the United States.

In a rare display of transparency, the City confirmed they suffered the attack on Sunday, May 5th, when IT systems were encrypted with ransomware.

In response to the attack, the City shut down its computer network to prevent the spread of the ransomware to other devices.

At this time, it is not known whether data has been stolen. However, it is very common for ransomware gangs to steal data in compromised networks for days, if not weeks, before deploying their encryptors.

"We are completing a thorough review and assessment of this matter, including the potential impact on data. Detailed assessments of these types of incidents take time," government officials shared on the City of Wichita's website

BleepingComputer has determined that the online payment systems for the City are down, including those for paying the water bill and court citations and tickets.

The City says that first responders are still providing services, with the police and fire departments switching to business continuity measures where necessary.

While the city is not sharing what ransomware gang is behind the attack, they have reported the incident to local and federal law enforcement, which is assisting in the response to the attack.

Related Articles:

City of Wichita breach claimed by LockBit ransomware gang

Prudential Financial now says 2.5 million impacted by data breach

BlackSuit ransomware gang claims attack on KADOKAWA corporation

CDK Global outage caused by BlackSuit ransomware attack

Change Healthcare lists the medical data stolen in ransomware attack