All communications systems at the Kansas City Area Transportation Authority, which caters to seven Kansas and Missouri counties, have been disrupted by a ransomware attack on Jan. 23, which has since been claimed by the Medusa ransomware operation, BleepingComputer reports.
KCATA emphasized that all of its services remain operational despite the incident.
"KCATA is working around the clock with our outside cyber professionals and will have systems back up and running as soon as possible," said the agency in its announcement.
While KCATA did not provide any information on the potential compromise of its registered members' and pass holders' sensitive data, Medusa ransomware has already updated its data leak site to include information allegedly exfiltrated from the agency. KCATA has been demanded to pay a $2 million ransom within 10 days to prevent the public exposure of all its data, with Medusa providing a daily deadline extension rate of $100,000.
BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .