The city of Wichita is increasing security measures after hackers were able to obtain thousands of police records through a ransomware attack earlier this year.
The city says nearly 77,000 records, including incident and traffic reports, were breached during the attack. The records contained names, Social Security numbers, state identification numbers and, in some cases, payment card information.
The card information that was compromised was not used for payment purposes to the city, but rather was part of criminal investigations, according to Assistant City Manager Donte Martin.
“It was only credit card information tied to or connected to a crime of some sort,” he said.
Many of the city’s functions, including taking electronic payments for water bills, were down for nearly two months as the city got back online.
The ransomware group was able to get the breached records after a vulnerability was found in a third-party software, according to Gilberto Oliva, the city’s deputy chief information officer.
“Manufacturers had just published that and said, ‘You need to apply this,’” Oliva said. “So, it was a very short time before we could do that, and that was what the bad actors took advantage of.”
A Russian ransomware group, LockBit, took responsibility for the attack. The city said it did not pay a ransom during the attack.
City Attorney Jennifer Magana says consultants that helped the city during the incident were contacted by the Federal Bureau of Investigation.
“The FBI is always investigating these type of actors,” Magana said.
The city said it will have to pay a $250,000 insurance deductible for costs associated with the attack. Martin said it was too early to estimate other costs associated with the cyber attack.
“We're confident that a large amount of what we may have expended during this event will be reimbursed through our insurance carrier,” Martin said.
The city says due to the number of people who may be affected by the cyber attack, it’s unable to notify people individually and is instead opting for a “blanket notification.” The city’s attorney says that’s in compliance with state law.
“That's what the city did in this case, put the notice on the website, and that complies with the state duty to notify,” Magana said.
Residents should monitor their credit reports and account information for suspicious activity, especially in the next several months.
Residents can request a free credit report, one per year, at annualcreditreport.com, or request one from the three major credit reporting bureaus. A fraud alert or credit freeze can also be placed for up to a year.
