The City of Wichita, Kansas, on Sunday announced that it has shut down its computer network after falling victim to a ransomware attack.
The disruptive incident occurred on May 5, when data on certain systems was encrypted by malware, prompting Wichita to turn off some of its systems, as a containment measure, with impact on certain online services.
“We turned off our computer network. This decision was not made lightly but was necessary to ensure that systems are securely vetted before returning to service,” the city said in an incident notice on its website.
It is unclear whether personal information was compromised in the attack, but Wichita said details on the matter will be provided as the investigation into the incident advances.
“We are completing a thorough review and assessment of this matter, including the potential impact on data. Detailed assessments of these types of incidents take time. We thank you for your patience, understanding, and respect for the integrity of this review process,” the city noted.
Wichita says first responders have already switched to business continuity measures to continue providing services.
Law enforcement authorities have been notified of the incident and the city has already engaged with third-party specialists to begin the restoration of the impacted systems.
The city said it would not share the identity of the ransomware group responsible for the attack, “for operational security purposes”.
Related: UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
Related: Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor
Related: United Nations Agency Investigating Ransomware Attack Involving Data Theft
Related: Watch on Demand: Ransomware Resilience & Recovery Summit Sessions