{
	"id": "d0d8f7bc-b884-4ed6-9b66-5b4a6e22d156",
	"created_at": "2026-04-06T00:17:53.554817Z",
	"updated_at": "2026-04-10T13:11:49.291444Z",
	"deleted_at": null,
	"sha1_hash": "039f2c940eb070e0ce1b0f10011951094f95707d",
	"title": "City of Wichita breach claimed by LockBit ransomware gang",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2739841,
	"plain_text": "City of Wichita breach claimed by LockBit ransomware gang\r\nBy Bill Toulas\r\nPublished: 2024-05-08 · Archived: 2026-04-05 15:47:17 UTC\r\nImage: Keeper of the Plains in Wichita (Sepavone)\r\nThe LockBit ransomware gang has claimed responsibility for a disruptive cyberattack on the City of Wichita, which has\r\nforced the City's authorities to shut down IT systems used for online bill payment, including court fines, water bills, and\r\npublic transportation.\r\nWichita, Kansas, is the largest city in the state, with a population of nearly 400,000. It serves as a major cultural, economic,\r\nand transportation hub in the region and is home to several aircraft factories.\r\nLast Sunday, May 5, 2024, the City's authorities announced they were facing a disruptive cyberattack after ransomware\r\nencrypted portions of its network.\r\nTo contain the damage and stop the spread of the attack, the City's IT specialists shut down computers used in online\r\nservices.\r\nhttps://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"This decision was not made lightly but was necessary to ensure that systems are securely vetted before returning to\r\nservice,\" mentioned the announcement.\r\nEarlier today, the LockBit ransomware group added Wichita to its extortion portal, threatening to publish all stolen files on\r\nthe site by May 15, 2024, unless the City pays the ransom.\r\nWichita listed on the LockBit ransomware data leak site\r\nSource: BleepingComputer\r\nThe list of a ransomware victims only three days after an attack is unusual, as ransomware gangs usually give companies\r\nmore time to negotiate.\r\nHowever, this reveal comes only a few hours after an international law enforcement operation named and sanctioned the\r\nleader of the LockBit ransomware operation as a 31-year-old Russian national named Dmitry Yuryevich Khoroshev, who\r\nuses the online \"LockBitSupp\" alias.\r\nThe quick listing of the City may be in revenge for the recent law enforcement operations that have severely disrupted the\r\noperation and tarnished its operator's reputation.\r\nMeanwhile, Wichita continues to disruption, with the  latest status update saying the following services remain unavailable: \r\nAuto payments for water bills are suspended.\r\nPublic Wi-Fi at certain locations (Airport terminal, Advanced Learning Library, Evergreen, and Walters branches of\r\nthe Library).\r\nThe online catalog, databases, and some digital services of the Library.\r\nEmail communications through the city network for Library staff.\r\nSelf-service print release stations and self-check stations at the Library.\r\nAutomated materials handler at the Advanced Learning Library.\r\nMost incoming phone call capability for the Library.\r\nWi-Fi and phone services at neighborhood resource centers.\r\nPublic services, including golf courses, parks, courts, and the water district, require residents to pay in cash or by\r\ncheck while online payment platforms are shut down.\r\nAny Request for Bid, Proposal, or Qualifications with a due date of May 10, 2024, is deferred until May 17, 2024. Also, the\r\n'Bid Opening' scheduled for Friday, May 10, 2024, has now been canceled.\r\nIn addition to the above, some public safety services like the WFD and WPD have resorted to using \"pen and paper\" reports,\r\nand the Wichita Transit buses and landfill services can only accept cash payments.\r\nWhile the City is still investigating whether data was stolen in the attack, the LockBit ransomware gang is known to steal\r\ndata before deploying their encryptors.\r\nhttps://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/\r\nPage 3 of 4\n\nTherefore, if a ransom is not paid, data will likely be leaked in the future on the ransomware gang's data leak site.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/\r\nhttps://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/"
	],
	"report_names": [
		"city-of-wichita-breach-claimed-by-lockbit-ransomware-gang"
	],
	"threat_actors": [],
	"ts_created_at": 1775434673,
	"ts_updated_at": 1775826709,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/039f2c940eb070e0ce1b0f10011951094f95707d.pdf",
		"text": "https://archive.orkl.eu/039f2c940eb070e0ce1b0f10011951094f95707d.txt",
		"img": "https://archive.orkl.eu/039f2c940eb070e0ce1b0f10011951094f95707d.jpg"
	}
}