'Foreign cyberattack' stole data from courts in 'assault on the Kansas system of justice'

Jason Alatidd, Topeka Capital-Journal

More than a month after a foreign cyberattack on the Kansas judicial branch of government, the state's top judges say potentially confidential court records and other data has been stolen.

"This assault on the Kansas system of justice is evil and criminal," the seven justices of the Kansas Supreme Court said in a joint statement. "Today, we express our deep sorrow that Kansans will suffer at the hands of these cybercriminals."

The Tuesday statement from the high court revealed more information on a security incident that has been ongoing since Oct. 12, with the judicial branch acknowledging publicly for the first time that the courts were "a victim of a sophisticated foreign cyberattack."

More than a month after a security incident was first reported, the Kansas Supreme Court now admits the judicial branch was "a victim of a sophisticated foreign cyberattack" and potentially confidential court records were stolen.
More than a month after a security incident was first reported, the Kansas Supreme Court now admits the judicial branch was "a victim of a sophisticated foreign cyberattack" and potentially confidential court records were stolen.

The situation has disrupted access to online systems used by courts in 104 of the state's 105 counties, as well as the appellate courts, limiting public access to public records and forcing courts to operate by paper and fax machines. The cyberattack "temporarily incapacitated Kansas Office of Judicial Administration information systems, affecting daily operations," according to the statement from Chief Justice Marla Luckert and Justices Eric Rosen, Dan Biles, Caleb Stegall, Evelyn Wilson, K.J. Wall and Melissa Standridge.

The justices said the information systems were disconnected from external access once the attack was discovered. Since then, the court system has worked with state and federal authorities.

The attackers have made demands, but the justices did not say whether those demands were for a ransom. Security experts have previously indicated that the incident had the hallmarks of a ransomware attack.

"While the impact on our information systems is temporary, the cybercriminals also stole data and threatened to post it to a dark web site if their demands were not met," the justices said. "We are working with cybersecurity experts to identify the data quickly and securely so we can conduct a comprehensive review to determine the full scope of what personal information the cybercriminals may have stolen.

"Based on our preliminary review, it appears the stolen information includes Office of Judicial Administration files, district court case records on appeal, and other data, some of which may be confidential under law. A full review of what may have been stolen is a high priority to us but it will take time. Once this review is complete, we will notify those affected."

The justices noted that governments are a top target for cybercrime and said the court system is working with cybersecurity experts to guard against future attacks.

"It will likely take several weeks to return safely to normal operations, including electronic filing, but we will do so," they said.

Jason Alatidd is a statehouse reporter for the Topeka Capital-Journal. He can be reached by email at jalatidd@gannett.com. Follow him on X @Jason_Alatidd.

This article originally appeared on Topeka Capital-Journal: Kansas Supreme Court says data was stolen in foreign cyberattack

Advertisement