LockBit Claims Wichita as Its Victim 2 Days After Ransomware Attack

LockBit ransomware group says it is responsible for a ransomware attack on the City of Wichita. The attack occurred over the weekend and disrupted the city's networks and services.

Much of the area has been affected, including the airport, water service, and public transit. The city was forced to switch to a cash-based system, where applicable, until systems become fully operational again. 

LockBit added Wichita to its website on May 7 — one day after the city disclosed the incident to the public and two days after the cyberattack occurred.

This latest claim to fame indicates that the group may be on the rise again after a disruption earlier this year by international authorities, in which its leader, Dmitry Yuryevich Khoroshev, a Russian national, was taken in and charged by the US Justice Department. Alternatively, this ransomware attack could also indicate one last hurrah for the group before being taken down permanently. But even if LockBit is forced to shut its doors for good, its technology, which has been used in hundreds of successful attacks, can still be employed by anyone who owns it.

It remains unclear what kind of ransom was demanded and whether or not the city intends to pay up or deal with the aftermath on its own. The city is reportedly still investigating the attack and whether or not any information was actually stolen.