Kansas Cyber Attacks

Infrastructure Affected

Public Safety
Government
Medical
Education
 
Back to Archive
Kansas.jpg
 

Public Safety

Attack on Butler County

Breach Type - Ransomware

KNSS

  • County locket out of First Responder 911 system
  • Dispatchers relay info via walkie talkie and notepads
Read More
KWCH

  • No data was stolen
  • Remains unknown if Butler County paid ransom
Read More

 
BACK TO TOP

Local Government

Wyandotte County government hit by cyber attack

Breach Type – Unknown, Malware

Fox 4 Kansas City

  • “The Unified Government of Wyandotte County and Kansas City, Kansas was hit by a cybersecurity attack to its data centers over the Easter holiday weekend.”
  • “An ongoing assessment of the damage is underway. The UG said it is actively working with the U.S. Department of Homeland Security, Federal Bureau of Investigation, and the Mid-America Regional Council cybersecurity task force to determine what data, if any, may have been compromised.”
  • “A spokesperson with the UG said things are still being accessed regarding the attack at this time and more information should be shared Tuesday morning.”
Read More

 
Pottawatomie County pays hackers to restore computer systems after cyber attack

Breach Type – Hacking, Malware

WIBW-TV 13

  • "Officials in Pottawatomie County say computer systems are slowly being restored after a ransom was paid to hackers."
  • "County officials say several of their servers were encrypted during a cyber attack on September 17, 2021."
  • "The amount paid was not disclosed, however, WIBW-TV has filed an open records request to determine the specific amount that Pottawatomie County paid to resolve the ransomware attack."
Read More

 
Sedgwick County Employee Email, Sedgwick County

Breach Type – Phishing, Other

Kansas News

  • Employee was scammed into buying gift cards to be given as gifts to fellow employees
  • County credit was used to buy several fake gift cards along with employee's personal account
  • The scam was soon reported after the discovery of the employee being scammed
Read More

 
City of Seneca, Nemaha County

Breach Type - Hacking, Other

WIBW

  • City of Seneca systems compromised in cyber attack
  • Unknown individuals breached network, suspects attempted to steal substantial funds but failed
  • Customers or vendors, who provided banking information to the City are cautioned that their personal information may have been stolen
Read More

 
City of Topeka, Shawnee County

Breach Type - Other, Data Breach

Hays Post

  • City of Topeka notified by software vendor of potential cyber attack
  • Utility Billing Payment System affected and the city transitioned into a more secure platform as a result
  • The City identified 10,000 customers who could have been impacted by the breach
Read More

 
Dickinson County

Breach Type - Phishing, Other

GovTech

  • Cyber attacks infiltrated county firewalls
  • Anti-virus protection did not prevent the attacks
  • County implemented new software as precaution
Read More

 
Finney County

Breach Type - Phishing, TDoS/DDoS

The Garden City Telegram

  • County network shut down twice
  • Hackers targeted County email's address book
  • Sent malicious emails to all county employees
Read More
KWCH

  • Attack came from malicious email link
  • Finney county shut down twice in one month
  • Malware attack also forced election network to shut down
Read More

 
City of Pittsburg

Breach Type - Phishing

Data Breaches

  • W2 phishing scheme
  • No evidence that employee data was misused
  • City notified local law enforcement, IRS, FBI, & all impacted individuals
Read More

 
Harvey County

Breach Type - Hack

The Kansan

  • Computer network targeted by cyber attack, no data compromised
  • Hindered Harvey's services, county remained open with limited operations
  • County has backup system in place
Read More

 
Butler County Network Department of Commerce

Breach Type - Ransomware

International Business Times

  • Database breached by hackers/li>
  • Exposing more than 5.5 Million Social Security numbers
  • 805,000 who did not provide Social Security numbers, had other personal data exposed
  • Kansas to provide one-year free credit monitoring to 9 of 10 states affected
  • Took two months for Kansas to relay info about the breach to those affected
Read More

 
BACK TO TOP

Medical

Newman Regional Health notifies 52,224 patients after long-running breach of employee email accounts , Lyon County

Breach Type – Hacking, Data Breach

Data Breaches

  • "Newman Regional Health (NRH) is notifying more than 52,000 patients after an investigation revealed unauthorized access to a limited number of their employee e-mail accounts between January 26, 2021 and November 23, 2021."
  • "According to the FAQ, the type of information contained in the email accounts varied for each affected individual but may have included: individuals’ names; dates of birth; medical record or other identification numbers; addresses, phone numbers, or e-mail addresses; limited heath, treatment or insurance information; or employee information collected in connection with an individual’s receipt of services from or employment with NRH. A limited group of individuals may have social security number or financial information affected."
  • "We are in the process of notifying affected individuals, including details regarding the information that was involved."
Read More

 
Labette Health discloses October 2021 data security incident, Labette County

Breach Type – Hacking, Data Breach

Data Breaches

  • "Labette Health in Kansas has started notifying employees and patients of a data security incident."
  • "According to a statement on their website, an investigation determined that unauthorized individual(s) potentially accessed and acquired information from portions of their network between October 15, 2021 and October 24, 2021."
  • "Labette Health determined that certain files and folders that may have been accessed or acquired contained identifiable personal and/or protected health information of employees and certain patients who received services from Labette Health, including the individuals’ full name and one or more of the following: Social Security number, medical treatment and diagnosis information, treatment costs, dates of service, prescription information, Medicare or Medicaid number, and/or health insurance information."
  • "Labette Health’s statement indicates that it has no evidence to suggest that any information has been misused, and as of the time of this publication"
Read More

 
Mowery Clinic in Salina announces data breach, Saline County

Breach Type – Unknown, Data Breach

Salina Journal

  • “Mowery Clinic in Salina gave notice of a data breach that happened in September."
  • “ the investigation showed an unauthorized individual had gained access to its network, but did not access the clinic's electronic medical records application. The clinic said the individual did deploy malware and accessed or acquired certain documents in the systems containing current and former patient and employee information."
  • “This information may have included the following: name, address, date of birth, medical information such as office notes and diagnostic notes and, in limited circumstances, a Social Security Number."
  • “We are working diligently to determine how the incident happened and are taking appropriate measures to prevent a similar situation in the future."
Read More

 
Midwest Transplant Network, Johnson County

Breach Type - Unknown, Ransomware

KCUR 89.3

  • threat actors were able to obtain some personal information about deceased donors and organ recipients, including names, dates of birth, and types of organ donation or transplantation procedures following ransomware attack
  • Cybersecurity company Kroll and FBI are working to resolve the situation
  • Suspicious activity noticed February 11th
Read More

 
Valley Hope Association, Norton County

Breach Type - Phishing, Data Breach

Data Breaches

  • Data breach may have exposed patient’s private information
  • Discovered attack through unusual email activity
  • Hackers exploited an employee’s email account
  • Exposed emails may have sensitive information
Read More

 
Ransom Memorial Hospital, Franklin County

Breach Type - Phishing, Data Breach

KWCH

  • Hospital fell victim to phishing scheme
  • Phishing attack may have exposed 16,366 individuals
  • Private health and financial information potentially at risk
Read More

 
Kansas Heart Hospital

Breach Type - Ransomware

KFDI

  • Malicious email launches malware attack on Kansas Heart Hospital
  • One computer infected with ransomware, no patient data at risk
  • Paid ransom to hackers, but hackers returned demanding more money
  • Hospital now working toward recovering systems without paying
Read More

 
BACK TO TOP

Education

Kansas school district pulls messaging app after data breach, Butler County

Breach Type – Hacking, Data Breach

KWCH

  • "Andover Public Schools said it has pulled the popular messaging app, Seesaw after the app was hacked."
  • "According to the Seesaw website, the app is used by 10 million teachers, students and family members, but the company declined to say how many users were affected by the hack."
  • "The school district said it pulled Seesaw from all student and staff accounts as it works with the company on the issue."
Read More

 
Wichita State University, Sedgwick County

Breach Type – Phishing, Date Breach

Data Breaches

  • Unauthorized third party accessed university server
  • Third party IT firm utilized in investigating the cyberattack
  • Officials confirmed they would re-educate staff on safety
Read More

 
Wichita State University, Sedgwick County

Breach Type - Phishing, Other

Tri-City Herald

  • Wichita State University employees fell victim to email phishing scheme
  • Hackers achieved university ID numbers & passwords – gaining access to bank account numbers, student records, and other personal information
  • Employee paychecks rerouted to fraudulent bank accounts
  • Officials did not specify potential data breach of student data
  • No evidence has surfaced of employees receiving paycheck reimbursement
Read More

 
Butler Community College

Breach Type - Hack

Hays Post

  • Hack disabled internet connectivity for entire community college
  • IT department suspects problems were result of DDoS attack
  • Butler Community College working to mitigate issue as the school depends on internet for daily tasks
Read More

 
Arkansas City Schools

Breach Type - Phishing

KSN

  • Arkansas City school employees fall victim to spear-phishing scheme
  • Employees mistakenly sent valuable W-2 data to hackers
  • Arkansas City school implementing additional safeguards to prevent future schemes
Read More

 
BACK TO TOP