Kansas City Area Transportation Authority reports ransomware attack

The Kansas City Area Transportation Authority (KCATA) was hit by a ransomware attack on January 23, 2024. KCATA serves a significant number of people in Missouri and Kansas. This cyber-attack primarily disrupted KCATA's communication systems, particularly affecting their call centers. As a result, customers were unable to reach KCATA through regular call center lines.

The Medusa ransomware group claimed responsibility for the attack and demanded a ransom of $2,000,000, threatening to release stolen data on their extortion portal on the dark web.

KCATA has engaged with cyber professionals and the FBI to address the attack. Despite the disruption, their transit services, including fixed-route buses and paratransit services, continue to operate normally. Customers are encouraged to use the RideKC.org website or the Transit app for bus schedule information, and alternative phone numbers have been provided for paratransit customers.

A significant concern in this incident is the potential theft of personal and payment data of KCATA's customers, though specific details about data compromise have not been disclosed.