Security Affairs
U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Medusa ransomware attack hit Kansas City Area Transportation Authority

Medusa ransomware gang claimed responsibility for the attack against the Kansas City Area Transportation Authority (KCATA). On January 23, 2023, the Kansas City Area Transportation Authority (KCATA) suffered a ransomware attack. The Kansas City Area Transportation Authority (KCATA) is a public transit agency in metropolitan Kansas City. It operates the Metro Area Express (MAX) bus […]

Kansas City Area Transportation Authority

Medusa ransomware gang claimed responsibility for the attack against the Kansas City Area Transportation Authority (KCATA).

On January 23, 2023, the Kansas City Area Transportation Authority (KCATA) suffered a ransomware attack.

The Kansas City Area Transportation Authority (KCATA) is a public transit agency in metropolitan Kansas City. It operates the Metro Area Express (MAX) bus rapid transit service in Kansas City, Missouri, and 78 local bus routes in seven counties of Missouri and Kansas.

As of 2022, the company reported an annual ridership of 10,572,100.

The company disclosed that attack on January 24, it immediately launched an investigation into the incident and notified appropriate authorities. The company hired external experts to restore impacted systems.

“A ransom cyber-attack hit the KCATA early Tuesday, January 23. We have contacted all appropriate authorities including the FBI.” reads the notice published by the company.

The KCATA states that the incident is not affecting its services, including fixed-route buses, as well as the Freedom and Freedom-On-Demand paratransit services.

“The main customer impact is the inability to make calls to regional RideKC call centers, including any KCATA landline.” continues the notice. “KCATA is working around the clock with our outside cyber professionals and will have systems back up and running as soon as possible”

KCATA did not disclose specific information about the attack, including details about the ransomware family that compromised its systems or whether a data breach occurred.

Meantime, the Medusa ransomware gang claimed responsibility for the attack against KCATA.

The ransomware gang added the company to its Tor leak site and published samples of the alleged stolen data as proof of the data breach.

The ransomware gang threatens to release all the stolen data unless the company pays a $2 million ransom. The Medusa group also offers the victims the option to extend the deadline by paying $100,000/day.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – Kansas City Area Transportation Authority, ransomware)