Ransomware attack on Kansas county exposed sensitive info of nearly 30,000 residents

A county in Kansas warned regulators last week that a ransomware attack earlier this year leaked personal data found in county records.

Franklin County, which is about an hour outside of Kansas City, warned 29,690 residents on Friday that hackers breached the County Clerk’s Office on May 19 and took data from the network. 

On May 20, the county said it “discovered and responded to a ransomware attack” that required them to contact cybersecurity experts and federal law enforcement. The county informed the public on July 19 that it was investigating the incident.

That investigation concluded nearly a month later and determined that the hackers gained access to the county poll book records, which contained names, Social Security numbers, driver’s license numbers, financial account numbers and medical information. 

The records also had information connected to services provided to people by the county like medical record numbers, vaccination information, COVID-related information, insurance identification numbers, and/or insurance or billing information.

The county noted that they did not have contact information for everyone affected, forcing them to post a notice on their website. No ransomware gang has taken credit for the incident. 

“The County’s investigators searched Dark Web sources and found no indication that any personal information that the County maintains had been released or offered for sale as a result of this incident,” officials said in letters to victims.

The Kansas Secretary of State’s office and other regulators have been notified of the incident, and the county said it has taken a range of measures to improve their security, including by disabling inactive user accounts. 

Government organizations across the state of Kansas, and next door in Missouri, have been battered by ransomware gangs over the last two years. Both Kansas City and Wichita have dealt with ransomware attacks this year that exposed troves of police data and citizen information while damaging public services. 

Multiple towns, hospitals, colleges, and pivotal government tools have also dealt with problems resulting from ransomware attacks. 

Russian ransomware actors drew national headlines last fall when they crippled the state’s court system for months.

“I express my deep sorrow that Kansans suffered because these criminals attacked our system of justice,” state Supreme Court Chief Justice Marla Luckert said in January. 

“But I thank my fellow Kansans for their support and their patience over the past several months.”