January 29, 2024 at 09:57AM
KCATA, a major public transit agency, fell victim to a ransomware attack impacting its communication systems, rendering call centers inoperable. Despite this, regular bus services continue. KCATA is working with cyber professionals to restore systems. Medusa ransomware claimed responsibility and demanded a $2 million ransom, with a daily extension option at $100,000. No data exposure details were disclosed.
Key takeaways from the meeting notes:
1. The Kansas City Area Transportation Authority (KCATA) was targeted by a ransomware attack on Tuesday, January 23, impacting all its communication systems.
2. The primary customer impact is the inability for regional RideKC call centers to receive calls and for KCATA landlines to function.
3. Despite the disruption in call centers, KCATA routes, including fixed-route buses and Freedom and Freedom-On-Demand paratransit services, are functioning as usual.
4. Logging in to ridekc.org and using the transit app to receive bus schedule information is also working normally.
5. Medusa ransomware has claimed responsibility for the attack and posted data samples allegedly belonging to KCATA on their extortion portal on the dark web, demanding a payment of $2,000,000 and offering to extend the deadline for making the stolen data available to the public for $100,000/day.