Franklin County, Kansas hit by ransomware attack, exposes 30K people

Franklin County, Kansas, reports a ransomware attack that occurred on May 19, 2023, which compromised sensitive data of nearly 30,000 residents.

The county discovered the ransomware attack on May 20 and enlisted cybersecurity experts and contacted federal law enforcement. No ransomware group claimed responsibility for the attack and officials state that they found no evidence that the stolen data had been offered or sold on the dark web.

The attack targeted the County Clerk’s Office, and data from the county’s network was stolen. The breach exposed personal details from the county poll book records, including:

• Names,
• Social Security numbers,
• Driver’s license numbers,
• Financial account numbers,
• Medical information,
• Medical record numbers,
• Vaccination information,
• COVID-related information,
• Insurance identification numbers,
• Billing information.

Due to incomplete contact information for all affected individuals, Franklin County posted a notice on its website to notify residents. The Kansas Secretary of State and other regulators were informed.