Kansas Judicial Branch discloses a cybersecurity breach with an update on stolen sensitive files.
Last month, the authority updated the public on a cybersecurity incident, confirming that hackers had stolen sensitive files with confidential information from its systems.
In mid-October 2023, the Kansas courts authority disclosed a “security incident” affecting various systems. Subsequently, the incident impacted the eFiling system used by attorneys for document submission, electronic payment systems, and case management systems used by district and appellate courts.
Over a month later, the system status remains unchanged. Notably, the following services are currently offline:
- Kansas Courts eFiling: Electronic document filing
- Kansas Protection Order Portal: Electronic document filing
- Kansas District Court Public Access: Searching district court cases
- Appellate Case Inquiry System: Searching appellate court cases
- Kansas eCourt Case Management: Used by district courts for case processing
- Kansas Attorney Registration: Searching attorneys by name or bar number
- Kansas online marriage license application
- Central Payment Center
An update from the Kansas Judicial Branch newsroom called the impact on these systems temporary. Moreover, it highlighted the more severe aspect of the cyberattack by confirming a data breach. The press release stated, “While the cybercriminals temporarily impacted our information systems, they also stole data and threatened to post it to a dark web site if we didn’t meet their demands.”
According to the preliminary review, the stolen information includes Office of Judicial Administration files, district court case records on appeal, and other data, some of which may be confidential under the law. Notably, the situation reflects the core elements of a typical ransomware attack, involving a system outage due to local file encryption and double extortion threatening to publish stolen files if the ransom isn’t paid. However, the announcement did not specify the type of attack.
The Kansas authority expects several weeks for all systems to return to normal status. Simultaneously, it promises to notify affected individuals once its review of the stolen data is complete.
The statement takes a more personal tone, describing this incident as an attack “against all Kansas” and characterizing the perpetrators as evil. The courts express deep sorrow for the potential suffering of Kansans at the hands of these cybercriminals.
As of the current writing, no known ransomware operations have publicly claimed responsibility for the attack.
Related stories:
