Kansas public transportation authority hit by ransomware

The Kansas City Area Transportation Authority announced it was targeted by a ransomware attack on Tuesday, January 23.
KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex routes using a fleet of 300 buses.
The company reports that 10.5 million people use their services in a year.
On Wednesday, the organization announced that it suffered a ransomware attack that impacted all its communication systems.
The announcement provides alternative phone numbers for Freedom and Freedom-On-Demand Paratransit customers who need to schedule a trip.
Despite the disruption in call centers, KCATA routes are still working as usual, so passenger transit operations haven't been impacted.
A significant concern in ransomware incidents is the possibility of data theft, including personal and payment details of customers, which in this case would expose many people using KCATA services.
The agency has not elaborated on the possibility of registered members and pass holders having had their sensitive information exposed to cybercriminals.
Update 1/27 - Medusa ransomware claimed responsibility for the attack on KCATA, and posted data samples allegedly belonging to the organization on their extortion portal on the dark web.
The threat actors have given KCATA 10 days to negotiate a resolution, and their financial demands were set to a payment of $2,000,000.
Medusa offers the option to extend the deadline for making the stolen data available to the public, for $100,000/day.
Majorca city Calvià extorted for $11M in ransomware attack.
Online museum collections down after cyberattack on service provider.
Microsoft Teams outage causes connection issues, message delays.
UK says AI will empower ransomware over the next two years.
Water services giant Veolia North America hit by ransomware attack.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Sat, 27 Jan 2024 16:25:08 +0000


Cyber News related to Kansas public transportation authority hit by ransomware

Kansas courts confirm data theft, ransom demand after cyberattack - The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems. In mid-October 2023, the Kansas courts ...
1 year ago Bleepingcomputer.com
Kansas public transportation authority hit by ransomware - The Kansas City Area Transportation Authority announced it was targeted by a ransomware attack on Tuesday, January 23. KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex ...
10 months ago Bleepingcomputer.com
Autonomous Vehicles: Driving the Future - The realm of autonomous vehicles presents a fascinating scenario where machines assume control of the wheel, ushering in a new era of transportation. The evolution of autonomous vehicles began quietly in the early days of the automotive industry, ...
9 months ago Securityzap.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
11 months ago Securityboulevard.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
11 months ago Feeds.fortinet.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
11 months ago Unit42.paloaltonetworks.com
Central Virginia transit system affected by cyber incident - The organization that runs the transit system for central Virginia dealt with a computer network disruption due to a cyberattack around the Thanksgiving holiday. The Greater Richmond Transit Company provides bus and specialized transportation ...
1 year ago Therecord.media
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
1 year ago Helpnetsecurity.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
1 year ago Bleepingcomputer.com
Kansas City-area hospital transfers patients, reschedules appointments after cyberattack - A hospital near Kansas City, Missouri, is struggling to provide care to patients this week after a cyberattack limited its systems. In an update on Wednesday, Liberty Hospital said it was still dealing with disruptions to its computer systems that ...
1 year ago Therecord.media
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
10 months ago Bleepingcomputer.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
9 months ago Bleepingcomputer.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
7 months ago Bleepingcomputer.com
How ransomware gangs are engaging - As ransomware gangs continue to market themselves as legitimate businesses complete with customer service representatives, new research from Sophos showed that threat actors are expanding public relations efforts to further pressure victims into ...
1 year ago Techtarget.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
10 months ago Malwarebytes.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
10 months ago Securityboulevard.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
2 months ago Securelist.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
1 year ago Bleepingcomputer.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
11 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
10 months ago Feeds.fortinet.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
10 months ago Techrepublic.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)