Kansas Office of Judicial Administration to contact individuals affected by court system cybersecurity incident

TOPEKA—The Kansas Office of Judicial Administration worked with a vendor to contact individuals whose personal information was accessed during an October 12 cybersecurity incident to provide them more information about the incident and resources that will be made available to them to protect themselves. 

Chief Justice Marla Luckert, speaking on behalf of the Kansas Supreme Court, said the court is sorry these notifications are necessary. 

“We’re sorry anyone was personally impacted by the actions of the criminals who attacked our court computer systems,” Luckert said. “The judicial branch respects the privacy of information given to us, and it’s a high priority throughout the court system to keep that information secure.” 

Luckert added that since the incident, the Office of Judicial Administration has put additional security controls in place and will continue to enhance its security controls in the future to reduce the possibility of future cybersecurity incidents. 

Investigating cybersecurity incident impact

Following the October 12 cybersecurity incident, the Office of Judicial Administration began working with cybersecurity experts to investigate what happened and what was affected. The investigation determined there had been unauthorized access to files stored on the Office of Judicial Administration network.
 
Through an extensive examination of the files accessed during the cybersecurity incident, cybersecurity experts and the Office of Judicial Administration verified some files contained personal information. That examination was complete as of April 23, 2024.  

“We store information on our networks in various formats, and some files are complex, which lengthened the time it took to determine which files included personal information,” Luckert said. “We believed it was worth the extra effort and prevention of needless worry to clarify who was affected and who was not.”

The extensive investigation reduced the potential number of people impacted from a population that could have included anyone who ever interacted with Kansas courts to about 150,000. 

Personal information came from files given to the Office of Judicial Administration through litigation in the Kansas appellate courts, applications to the Kansas bar, or other administrative records held by the office, and could have included names, addresses, dates of birth, Social Security numbers, driver’s license or other state identification card numbers, government identification card numbers, tax identification card numbers, financial account information, payment card information, passport numbers, biometric identifiers, health information, or health insurance policy information.

Notification to affected individuals

Notification to affected individuals was made by letter if address information was available. If address information was not identifiable, notification was made by media publication, on the judicial branch website, and notice to media where appropriate. 

Notification letters to individuals include recommended steps they can take to monitor and protect their personal information. These notifications also offer credit monitoring and identity restoration services at no cost to the affected individuals.

No notifications by telephone, text, or email 

No notifications will be made by telephone, text, or email. If someone receives a phone call, text, or email about the cybersecurity incident, they are advised to end the call or delete the text or email. Phone communication about the cybersecurity incident should be initiated by the individual. 

Informational webpage

An informational webpage on the Kansas judicial branch website answers common questions affected individuals might have about the cybersecurity incident and their personal information. It includes a phone number people can call if they have questions.  

The webpage can be accessed at www.kscourts.org/security-incident. 

Cybersecurity incident response 

As soon as the Office of Judicial Administration discovered unauthorized activity on its network, it took immediate action to protect the network, secure information, and start investigating what happened and what was affected. 

The office also started working with cybersecurity experts to conduct a forensic investigation. It was through this investigation that a determination was made there had been unauthorized access to files stored on the Office of Judicial Administration network. It also determined some files were exfiltrated, which cybersecurity experts reviewed for personal information.

Impacted individuals who have questions can call 1-888-861-6382 between 8 a.m. and 8 p.m. Central Time, Monday through Friday, excluding holidays. 

The Kansas Office of Judicial Administration takes seriously the need to protect the privacy and security of all information in its care and regrets any inconvenience or concern that this matter may cause.