The Kansas City Area Transportation Authority announced it was targeted by a ransomware attack on Tuesday, January 23.
KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex routes using a fleet of 300 buses.
The company reports that 10.5 million people use their services in a year.
On Wednesday, the organization announced that it suffered a ransomware attack that impacted all its communication systems.
The announcement provides alternative phone numbers for Freedom and Freedom-On-Demand Paratransit customers who need to schedule a trip.
Despite the disruption in call centers, KCATA routes are still working as usual, so passenger transit operations haven't been impacted.
A significant concern in ransomware incidents is the possibility of data theft, including personal and payment details of customers, which in this case would expose many people using KCATA services.
The agency has not elaborated on the possibility of registered members and pass holders having had their sensitive information exposed to cybercriminals.
Update 1/27 - Medusa ransomware claimed responsibility for the attack on KCATA, and posted data samples allegedly belonging to the organization on their extortion portal on the dark web.
The threat actors have given KCATA 10 days to negotiate a resolution, and their financial demands were set to a payment of $2,000,000.
Medusa offers the option to extend the deadline for making the stolen data available to the public, for $100,000/day.
Majorca city Calvià extorted for $11M in ransomware attack.
Online museum collections down after cyberattack on service provider.
Microsoft Teams outage causes connection issues, message delays.
UK says AI will empower ransomware over the next two years.
Water services giant Veolia North America hit by ransomware attack.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 27 Jan 2024 16:25:08 +0000