October cyberattack exposed data of 150k people, Kansas court investigation finds

An investigation by the Kansas Office of Judicial Administration revealed that a cyberattack last year may have exposed personal information of 150,000 people.
(Getty Images)

The personal data of roughly 150,000 people who have engaged with the Kansas state court system may have been exposed in the Oct. 12 cyberattack that downed the state’s case management system for months.

In a report published Monday, the Kansas Office of Judicial Administration announced that its investigation, which concluded in April, discovered there had been “unauthorized access” to files stored on its network during the incident. The office said it was working to notify individuals whose personal information was exposed.

The report said the data breach may have exposed Social Security numbers, driver’s licenses, government identification cards, card payment information, tax identification numbers, passports and health insurance policy information.

“We’re sorry anyone was personally impacted by the actions of the criminals who attacked our court computer systems,” Chief Justice Marla Luckert, who sits on the Kansas Supreme Court, said of the notifications. “The judicial branch respects the privacy of information given to us, and it’s a high priority throughout the court system to keep that information secure.”


Notifications will include information about the cyberattack and resources for individuals to protect themselves from future exposure. Individuals will be contacted solely by physical mail, the report said, emphasizing the importance of security.

“No notifications will be made by telephone, text, or email. If someone receives a phone call, text, or email about the cybersecurity incident, they are advised to end the call or delete the text or email,” the report stated. “Phone communication about the cybersecurity incident should be initiated by the individual.”

The investigation also found that some files on Kansas’ network were exfiltrated during the incident, which, the office said, cybersecurity experts reviewed for personal information.

Update (May 8, 2024): The Record reported Wednesday that the LockBit ransomware group has taken credit for the cyberattack on Wichita. Also on Wednesday, U.S. officials identified Russian national Dmitry Khoroshev as LockBit’s leader.

Sophia Fox-Sowell

Written by Sophia Fox-Sowell

Sophia Fox-Sowell reports on artificial intelligence, cybersecurity and government regulation for StateScoop. She was previously a multimedia producer for CNET, where her coverage focused on private sector innovation in food production, climate change and space through podcasts and video content. She earned her bachelor’s in anthropology at Wagner College and master’s in media innovation from Northeastern University.

Latest Podcasts