"Personal Information Stolen in City of Wichita Ransomware Attack"

In a new update, the City of Wichita, Kansas, has revealed that files containing personal information were stolen in a ransomware attack in early May. The city disclosed the incident on May 5, when certain systems were shut down as a containment measure to stop the spreading of file-encrypting ransomware deployed during the attack. This week, Wichita revealed that, between May 3 and 4, the attackers copied certain files from its network, and those files contained personal information. It was noted that these files contained law enforcement incident and traffic information, which included names, Social Security numbers, driver’s license or state identification card numbers, and payment card information. Wichita also revealed that initial access to its network was obtained through the exploitation of “a recently disclosed vulnerability that affects organizations throughout the world,” without providing specific details. Wichita also announced that it has made good progress in recovering the impacted systems, but did not say when it expects to resume full operations. The city has not disclosed the number of potentially impacted individuals or the name of the ransomware group behind the attack yet. On May 7, however, the LockBit gang added Wichita to its leak site, threatening to release the stolen information.

SecurityWeek reports: "Personal Information Stolen in City of Wichita Ransomware Attack"