The Kansas Metropolis Space Transportation Authority (KCATA) introduced it was focused by a ransomware assault on Tuesday, January 23.
KCATA is a bi-state public transit company serving seven counties of Missouri and Kansas, working 78 bus routes and 6 MetroFlex routes utilizing a fleet of 300 buses. The corporate reviews that 10.5 million individuals use their providers in a 12 months.
On Wednesday, the group introduced that it suffered a ransomware assault that impacted all its communication programs.
“A ransom cyber-attack hit the KCATA early Tuesday, January 23. We now have contacted all applicable authorities, together with the FBI,” reads the announcement.
“The first buyer impression is that regional RideKC name facilities can’t obtain calls, nor can any KCATA landline.”
The announcement offers different telephone numbers for Freedom and Freedom-On-Demand Paratransit prospects who have to schedule a visit.
Regardless of the disruption in name facilities, KCATA routes are nonetheless working as regular, so passenger transit operations have not been impacted.
“All service is working, together with fixed-route buses, Freedom and Freedom-On-Demand paratransit service,” defined KCATA.
Logging in to ridekc.org and utilizing the transit app to obtain bus schedule data additionally work usually.
“KCATA is working across the clock with our exterior cyber professionals and could have programs again up and working as quickly as doable,” concludes the announcement.
A major concern in ransomware incidents is the potential for information theft, together with private and fee particulars of consumers, which on this case would expose many individuals utilizing KCATA providers.
The company has not elaborated on the potential for registered members and go holders having had their delicate data uncovered to cybercriminals.
Replace 1/27 – Medusa ransomware claimed accountability for the assault on KCATA, and posted information samples allegedly belonging to the group on their extortion portal on the darkish net.
The risk actors have given KCATA 10 days to barter a decision, and their monetary calls for have been set to a fee of $2,000,000.
Additionally, Medusa gives the choice to increase the deadline for making the stolen information obtainable to the general public, for $100,000/day.
