© 2024 Kansas Public Radio

91.5 FM | KANU | Lawrence, Topeka, Kansas City
96.1 FM | K241AR | Lawrence (KPR2)
89.7 FM | KANH | Emporia
99.5 FM | K258BT | Manhattan
97.9 FM | K250AY | Manhattan (KPR2)
91.3 FM | KANV | Junction City, Olsburg
89.9 FM | K210CR | Atchison
90.3 FM | KANQ | Chanute

See the Coverage Map for more details

FCC On-line Public Inspection Files Sites:
KANU, KANH, KANV, KANQ

Questions about KPR's Public Inspection Files?
Contact General Manager Feloniz Lovato-Winston at fwinston@ku.edu
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

City increasing security after thousands of Wichita Police records are compromised in cyber attack

Hugo Phan
/
KMUW

The city says nearly 77,000 records, including incident and traffic reports, were breached during the attack.

The city of Wichita is increasing security measures after hackers were able to obtain thousands of police records through a ransomware attack earlier this year.

The city says nearly 77,000 records, including incident and traffic reports, were breached during the attack. The records contained names, Social Security numbers, state identification numbers and, in some cases, payment card information.

The card information that was compromised was not used for payment purposes to the city, but rather was part of criminal investigations, according to Assistant City Manager Donte Martin.

“It was only credit card information tied to or connected to a crime of some sort,” he said.

Many of the city’s functions, including taking electronic payments for water bills, were down for nearly two months as the city got back online.

The ransomware group was able to get the breached records after a vulnerability was found in a third-party software, according to Gilberto Oliva, the city’s deputy chief information officer.

“Manufacturers had just published that and said, ‘You need to apply this,’” Oliva said. “So, it was a very short time before we could do that, and that was what the bad actors took advantage of.”

A Russian ransomware group, LockBit, took responsibility for the attack. The city said it did not pay a ransom during the attack.

City Attorney Jennifer Magana says consultants that helped the city during the incident were contacted by the Federal Bureau of Investigation.

“The FBI is always investigating these type of actors,” Magana said.

The city said it will have to pay a $250,000 insurance deductible for costs associated with the attack. Martin said it was too early to estimate other costs associated with the cyber attack.

“We're confident that a large amount of what we may have expended during this event will be reimbursed through our insurance carrier,” Martin said.

The city says due to the number of people who may be affected by the cyber attack, it’s unable to notify people individually and is instead opting for a “blanket notification.” The city’s attorney says that’s in compliance with state law.

“That's what the city did in this case, put the notice on the website, and that complies with the state duty to notify,” Magana said.

Residents should monitor their credit reports and account information for suspicious activity, especially in the next several months.

Residents can request a free credit report, one per year, at annualcreditreport.com, or request one from the three major credit reporting bureaus. A fraud alert or credit freeze can also be placed for up to a year.

Kylie Cameron (she/her) is a general assignment reporter for KMUW, often focusing on city government and substance use. Before KMUW, Kylie was a digital producer at KWCH, and served as editor in chief of The Sunflower at Wichita State. You can follow her on Twitter @bykyliecameron.