Kansas courts closed, electronic systems down after alleged ransomware attack

Courts across Kansas are facing a variety of issues following an alleged ransomware attack last week.

The city of Topeka announced Sunday that its municipal court and probation and prosecution divisions will be closed to the public on Monday, while the Kansas Supreme Court is exclusively using paper records to operate.

Judge Philip Journey, of Sedgwick County, Kansas, told local news outlet KAKE that the outages were due to a ransomware attack. Journey’s office did not respond to requests for comment about which group launched the attack or whether a ransom had been issued.

The Kansas Supreme Court issued an administrative order on Thursday saying the court clerk offices would be inaccessible for electronic filings through Sunday, October 15. The court released a new statement on Monday saying the courts are still open but are only using paper records.

When contacted on Monday, a Kansas Supreme Court clerk said their email system was still down but would not provide more information.

“This order and other information on our website will guide court users on our operations while our information systems are offline,” Chief Justice Marla Luckert said in a statement. “We continue to serve our communities, but we are using different methods until our systems are restored.”

They do not know when systems will be restored but are “working with experts from several sources to find out what happened in the security incident, how it happened, and how far it reached.”

The Supreme Court said it decided to suspend electronic filings to “give the judicial branch time to examine a security incident that has disrupted access to court systems.”

The order applied to the state’s Supreme Court, Court of Appeals and district courts in every county except Johnson County, which has its own e-filing and case management system.

The Supreme Court noted that it began to face issues on Thursday that affected the e-filing system; a portal for protection orders; the district court’s public access portal; the system for appellate cases; the state registry for attorneys, and the Kansas online marriage license application system.

The Kansas eCourt case management system, as well as the court’s payment portal, were also brought down by the attack.

“Courts will remain open and continue to operate, but documents cannot be submitted to the court through the Kansas Courts eFiling system. By declaring the courts inaccessible for efiling purposes, certain filing deadlines may be extended under applicable rules and statutes,” the Supreme Court said.

“Courts will accept paper filings and filings by fax. Fax filings cannot be accepted if payment is required. Courts also cannot accept electronic payments, whether by credit card, electronic check, or another electronic method.”

The governor’s office did not respond to requests for comment about what resources were being provided to address the incident but last week it announced a $3 million grant from the federal government to modernize the digital systems used by the state’s courts.

Alongside the state-level issues, Topeka officials said in a notice that they were closing the city’s municipal court and probation divisions “out of an abundance of caution,” noting that it “will allow the city to investigate possible security concerns with one of the court’s systems.”

“During the closure, no in-person dockets or trials will be held, and walk-ins will not be accepted at the court or at the probation and prosecution divisions. The city is working to notify those impacted by Monday’s closure,” city officials said on Sunday.

“The city expects to be able to provide an update Monday afternoon on the status of the court’s system. At this time, it is unknown if the possible security concern is associated with the Kansas Supreme Court’s network security incident.”

The St. Louis Post Dispatch reported last month that the Regional Justice Information System — used by counties in Kansas, Missouri and Illinois — suffered an incident that brought it down.

The attack damaged systems in each state, forcing courts, jails, and police departments to revert to paper records or limit operations entirely.

Just last week, a Florida circuit court said it was dealing with a cyberattack that was hindering operations. Courts in the U.S. have faced constant attack from a variety of attackers over the last year. In February, Florida's Supreme Court was affected by a ransomware campaign that wreaked havoc on organizations across the world.

A ransomware attack on the city of Dallas in May shuttered all municipal courts in the city for days and a municipal court in Ohio was also shut down after a ransomware attack in January.

Courts in Wisconsin, Louisiana, Ohio, Nebraska, South Carolina, Missouri, Kansas and Illinois have all dealt with data leaks, ransomware incidents or distributed denial-of-service attacks this year that limited operations and caused significant issues.