Tag Archive for: Missouri

Ransomware attack delaying Jackson County, Missouri home sales

/in


INDEPENDENCE, Mo. — She fought for our country. But now a ransomware attack reportedly carried out by Russians has a local veteran whose disabled fighting to be able to sell her home.

It’s the latest effect from a cyber security breach in Jackson County last week.


Jackson County’s website says offices will remain closed at the Historic Truman Courthouse in Independence Wednesday.

A ransomware attack last Tuesday has closed the Jackson County Recorder of Deeds, Assessment and Collections Office. The county said Monday its making progress on restoration and system recovery. But for some that progress can’t come soon enough.

“It’s had a huge impact on our buyers and sellers in particular,” United Real Estate Kansas City Broker Marta Grace said.

The buyer of Jae Ramsey’s Independence home was hoping for an early closing.

“They told me to get out by April 1st, so I said OK, I did,” she said.

She hired movers with closing originally set for April 4, two days after that ransomware attack.

“They had like ten people in my house taking everything. I have no idea what I even have anymore,” Ramsey said.

Now she’s living with a relative waiting for proceeds from the sale of her home now set to close Thursday. But there’s no indication whether the Recorder of Deeds will open by then or how quickly they’ll get through at least a weeks worth of work missed.

“They are unable to close so the lenders won’t fund. They won’t lend you the money if they cannot record it with the county,” Grace explained.

“Primarily it’s we don’t know when they are going to get to close that’s caused the confusion and kind of a catastrophe,” TG Homes in the Heartland Owner Tina Groumoutis said.

Contracts to sell homes have expiration dates to close by. In Ramsey’s case that deadline is quickly approaching.

“He could very well get cold feet and say I don’t know what’s going on over there, but I’m good I’ll find something else,” Groumoutis said of the…

Source…

Missouri county declares state of emergency amid suspected ransomware attack

/in


Downtown Kansas City, Missouri, which is part of Jackson County.
Enlarge / Downtown Kansas City, Missouri, which is part of Jackson County.

Jackson County, Missouri, has declared a state of emergency and closed key offices indefinitely as it responds to what officials believe is a ransomware attack that has made some of its IT systems inoperable.

“Jackson County has identified significant disruptions within its IT systems, potentially attributable to a ransomware attack,” officials wrote Tuesday. “Early indications suggest operational inconsistencies across its digital infrastructure and certain systems have been rendered inoperative while others continue to function as normal.”

The systems confirmed inoperable include tax and online property payments, issuance of marriage licenses, and inmate searches. In response, the Assessment, Collection and Recorder of Deeds offices at all county locations are closed until further notice.

The closure occurred the same day that the county was holding a special election to vote on a proposed sales tax to fund a stadium for MLB’s Kansas City Royals and the NFL’s Kansas City Chiefs. Neither the Jackson County Board of Elections nor the Kansas City Board of Elections have been affected by the attack; both remain open.

To date, ransomware attacks have hit 28 county, municipal, or tribal governments this year, according to Brett Callow, a threat analyst with security firm Emsisoft. Last year, there were 95; 106 occurred in 2022.

The Jackson County website says there are 654,000 residents in the 607-square-mile county, which includes most of Kansas City, the biggest city in Missouri.

The response to the attack and the investigation into it have just begun, but so far, officials said they had no evidence that data had been compromised.

“We are currently in the early stages of our diagnostic procedures, working closely with our cybersecurity partners to thoroughly explore all possibilities and identify the root cause of the situation,” officials wrote. “While the investigation considers ransomware as a…

Source…

Missouri prosecutor declines to file charges over ‘hacker’ allegation against reporter

/in


Relief as controversial charges dropped tempered by fears about chilling effect

Missouri prosecutor declines to file charges over 'hacker' allegation against reporter

Missouri’s public prosecutor has decided not to file charges against a journalist accused of illegal hacking over his disclosure of security vulnerabilities in a state government-run website.

St. Louis Post-Dispatch reporter Josh Renaud expressed “relief” at the news but said the allegations made against him by Missouri governor Mike Parson in October 2021 could have a “chilling effect” on the good-faith reporting of security flaws.

The accusations centred on Renaud’s discovery of a problem in a domain maintained by the Missouri Department of Elementary and Secondary Education (DESE) that potentially exposed more than 100,000 Social Security numbers (SSNs) belonging to teachers and other school staff.

BACKGROUND Missouri governor criticized for confusing vulnerability disclosure with criminal hacking

In a story published on October 13, the St. Louis Post-Dispatch revealed that it had notified DESE of the vulnerability and delayed publication of the findings to give the agency time to secure the exposed data.

A number of cybersecurity experts said at the time that this approach to vulnerability disclosure accorded with how professional security researchers routinely alert businesses to security flaws.

Some noted that Renaud’s actions did not even constitute ‘hacking’, since he had simply viewed the site’s HTML source code, which was leaking the sensitive data – something easily done using web browsers’ built-in functionality.

Nevertheless, Governor Parson labelled Renaud a “hacker”, claimed he had violated state computer crime laws, and referred the matter to the Missouri State Highway Patrol, which investigated the episode and relayed its findings to Cole County prosecutor Locke Thompson.

However, four months later, on Friday (February 11), Thompson told television station KRCG that he would not be filing charges.

‘Political persecution’

“This decision is a relief. But it does not repair the harm done to me and my family,” Renaud said in a statement (PDF).

“My actions were entirely legal and consistent with established journalistic…

Source…

Missouri Federal Court Takes on T-Mobile MDL

/in


Thursday, December 9, 2021

Last Friday, the Judicial Panel on Multidistrict Litigation (“JPML”) transferred and centralized over 40 data event and cybersecurity class actions brought against T-Mobile in the Western District of Missouri.  In re: T-Mobile Customer Data Security Breach Litigation, Judicial Panel on Multidistrict Litigation, MDL No. 3019.  The centralized cases will undoubtedly be one of the must-watch data privacy litigations in 2022.  Read on to learn more.

As a reminder, multidistrict litigations (“MDLs”) are a way of handling multiple civil actions at once for coordinated discovery and pretrial proceedings, and can be formed when separate actions in different federal district courts share a common question of fact.  28 U.S.C. Section 1407(a) provides that:

When civil actions involving one or more common questions of fact are pending in different districts, such actions may be transferred to any district for coordinated or consolidated pretrial proceedings.  Such transfers shall be made by the judicial panel on multidistrict litigation authorized by this section upon its determination that transfers for such proceedings will be for the convenience of parties and witnesses and will promote the just and efficient conduct of such actions . . . .

28 U.S.C. §1407(a).  On a motion filed by either party, those separate actions can be flagged to the JPML.  The JPML then decides whether the litigations should be consolidated and transferred into one federal court for consolidated pretrial proceedings.

Which brings us to T-Mobile.  Earlier this year, T-Mobile disclosed that it had been targeted in a cyberattack that resulted in the compromise of some current, former and prospective customers’ SSN, name, address, date of birth and driver’s license/ID information.  According to T-Mobile, “the breach did not expose any customer financial information, credit card information, debit or other payment information.”  Following T-Mobile’s disclosure of the data event, over 40 putative class actions were filed by Plaintiffs who alleged that their personal…

Source…