Skip to content
opener


Kansas Courts Cybersecurity Incident

The Kansas Office of Judicial Administration created this webpage to share information with individuals impacted by or concerned about the October 12, 2023, cybersecurity incident involving the office’s network.

The Kansas Office of Judicial Administration is serious about its responsibility to keep personal information secure. Since the cybersecurity incident, it has strengthened security for its network and information systems for even greater protection. 
 

Table of Contents

Overview
What happened?
What did the Kansas judicial branch do to respond to the incident?
What information was involved?
Why am I just now learning this?
How do I know if my information was involved?
What can I do to protect my information?
Who can I contact if I have questions?
 

Overview

This webpage answers questions about the cybersecurity incident on the Kansas court system and what it impacted. 


What happened?

On October 12, 2023, the Kansas Office of Judicial Administration learned of unauthorized activity on its network. The Office took immediate action to protect its network and the information it contains. 

The Office also started working with cybersecurity experts to conduct an investigation. The investigation determined there had been unauthorized access to files stored on the Kansas Office of Judicial Administration network.  

The investigation also determined some files were exfiltrated during the incident. The cybersecurity experts reviewed these files to determine if any contained personal information and, if so, to whom it belonged. That review determined that personal information was in some of the exfiltrated files.  
 

What did the Kansas judicial branch do to respond to the incident?

The Kansas Office of Judicial Administration took immediate action to protect its network, secure information, and start investigating what happened and what was affected. Cybersecurity experts helped with this investigation. 

The Kansas Office of Judicial Administration put additional security controls in place and will continue to enhance its security controls in the future to even further reduce the possibility that this could happen again.  
 

What information was involved?

The Kansas Office of Judicial Administration worked with an experienced vendor to analyze the content of files exfiltrated during the incident. That analysis determined that personal information was included in files accessed without authorization. This personal information would have been given to the Kansas Office of Judicial Administration during litigation through the Kansas appellate courts, through applications to the Kansas bar, or through its inclusion in the Office’s other administrative records.
 

Why am I just now learning this?

As soon as the Kansas Office of Judicial Administration learned of the unauthorized activity on its network, it started to investigate which files were impacted. The Office hired a vendor to identify personal information in impacted files. The review was complicated because it involved complex information in various formats, some of which required manual review. The Kansas Office of Judicial Administration also wanted to offer those who are impacted credit monitoring and identity recovery services at no charge.  This work took time to complete.
 

How do I know if my information was involved?

The Kansas Office of Judicial Administration is working with a vendor to send written notice to persons whose information was found in the affected files. If your information was found during the search of the affected files, we will send you a notification. 

Notification will be by letter to affected individuals. If we could not identify a mailing address for an affected individual, notification will be made by media publication. Notification includes recommended steps affected individuals can take to monitor and protect their personal information. If we could not find an address for an affected individual, notification will be by media publication. 

Written notifications will show the Kansas judicial branch as the sender from a Sacramento address. 

No notifications will be made by telephone call, text, or email. If someone receives a phone call, text, or email about the cybersecurity incident, they are advised to end the call or delete the text or email. Phone communication about the cybersecurity incident should be initiated by the individual.  

However, you may call 1-888-861-6382 between 8 a.m. and 8 p.m. Central Time, Monday through Friday, to confirm if you are included on the list of impacted individuals. 
 

What can I do to protect my information?

If you receive a notification that your personal information was involved, it describes actions you can take to protect yourself. These actions include reviewing your credit reports and placing a fraud alert or security freeze on your credit file. These steps are in addition to the credit monitoring and identity restoration services the Kansas Office of Judicial Administration arranged for you to receive at no cost.  

Review your credit reports 

We recommend you be vigilant about reviewing account statements and monitoring credit reports. Under federal law, you are entitled to obtain one free copy of your credit report from each of the three major credit reporting companies every 12 months. You can request your credit report online or by telephone. 

www.annualcreditreport.com
1-877-322-8228

You may want to stagger your requests made of the three credit bureaus, so you get one free report every four months. 

You have the right to file a police report if you ever experience identity fraud. To file a crime report or incident report with law enforcement for identity theft, you may be asked to provide proof you are a victim. A police report is often required to dispute fraudulent items. You can report suspected incidents of identity theft to local law enforcement or your state attorney general. 

Place fraud alerts

Place fraud alerts with the three credit bureaus. If you choose to place a fraud alert, we recommend you do this after activating your credit monitoring. You can place a fraud alert with one of the three major credit bureaus by phone or through any of their websites. A fraud alert tells creditors to follow certain procedures, such as contacting you before they open a new account or change an existing account. For that reason, placing a fraud alert can protect you, but it may also delay you when you try to obtain credit. The contact information for all three bureaus is as follows:

Credit bureaus


Equifax Fraud Reporting
PO Box 105069
Atlanta, GA 30348-5069

Equifax Credit Freeze
PO Box 105788
Atlanta, GA 30348-5788
www.equifax.com/personal/credit-report-services 
1-888-836-6351


Experian Fraud Reporting and Credit Freeze
PO Box 9554
Allen, TX 75013
www.experian.com 
1-888-397-3742


TransUnion Fraud Reporting
PO Box 2000
Chester, PA 19022-2000

TransUnion Credit Freeze
PO Box 160
Woodlyn, PA 19094
www.transunion.com 
1-800-680-7289


You need contact only ONE of the bureaus and use only ONE of these methods. As soon as one of the three bureaus confirms your fraud alert, the others are notified to place alerts on their records as well. You will receive confirmation letters in the mail and will then be able to order all three credit reports, free of charge, for your review. An initial fraud alert will last for one year.

NOTE: Only you can place a fraud alert on your credit report.

Place a security or credit freeze 

By placing a security freeze, also called a credit freeze, no one can use your personal identifying information to open new accounts or borrow money in your name. You will need to contact the three credit reporting bureaus listed above to place the freeze. Keep in mind, once you place the freeze, you will not be able to borrow money, get instant credit, or get a new credit card until you again contact the credit reporting bureaus to temporarily lift or permanently remove the freeze. There is no cost to freeze and unfreeze your credit files.

Other steps you can take

You can get more information about steps you can take to avoid identity theft from the agencies listed below. The Federal Trade Commission also encourages anyone who discovers their information has been misused to file a complaint with them.

California residents

California Office of Privacy Protection
www.oag.ca.gov/privacy   

District of Columbia residents

Office of the Attorney General
400 6th Street, NW 
Washington, DC 20001 
oag@dc.gov
202-727-3400

Kansas Residents: File an Identity Theft Complaint Form with the Kansas Attorney General’s Office through their website: Identity Theft Complaint Form - https://ag.ks.gov/complaint-center/id-theft

Maryland residents

Office of the Attorney General of Maryland
Consumer Protection Division 
200 St. Paul Place 
Baltimore, MD 21202
www.oag.state.md.us/Consumer
1-888-743-0023 

New Mexico residents

You have rights under the Fair Credit Reporting Act. You have the right to be told if information in your credit file has been used against you, the right to know what is in your credit file, the right to ask for your credit score, and the right to dispute incomplete or inaccurate information. Further, under the Fair Credit Reporting Act, a consumer reporting agency must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to your file is limited; you must give your consent for credit reports to be provided to employers; you may limit “prescreened” offers of credit and insurance you get based on information in your credit report; and you may seek damages from a violator. You may have other rights under the Fair Credit Reporting Act not summarized here. Identity theft victims and active-duty military personnel have specific additional rights under the Fair Credit Reporting Act. Review your rights under the Fair Credit Reporting Act by writing or visiting:

Consumer Response Center
Federal Trade Commission
Room 130-A
600 Pennsylvania Ave. NW
Washington, DC 20580
www.consumerfinance.gov/f/201904_cfpb_summary_your-rights-under-fcra.pdf

New York residents

Office of the Attorney General
The Capitol
Albany, NY 12224-0341
https://ag.ny.gov/
1-800-771-7755

North Carolina residents

Office of the Attorney General of North Carolina
9001 Mail Service Center 
Raleigh, NC 27699-9001
www.ncdoj.gov
1-919-716-6400

Oregon residents

Oregon Department of Justice
1162 Court Street, NE
Salem, OR 97301-4096
www.doj.state.or.us/ 
877-877-9392

Rhode Island residents

You have the right to have any police report filed related to this incident. There are 18 Rhode Island residents impacted by this incident. 

Office of the Attorney General
150 South Main Street
Providence, RI 02903
www.riag.ri.gov
401-274-4400 

All United States residents

Identity Theft Clearinghouse
Federal Trade Commission
600 Pennsylvania Avenue, NW 
Washington, DC 20580
www.consumer.gov/idtheft
1-877-IDTHEFT (438-4338)
1-866-653-4261 TTY
 

Who can I contact if I have questions?

If you have questions not answered on this page or in the communication sent to you, contact:

Call between 8 a.m. and 8 p.m. Central Time (M-F, except on holidays). The number will be active starting at 8 p.m. May 6. 
1-888-861-6382 

Or send email to
incident@kscourts.org

 

Related

Notice of Data Security Incident

Kansas Office of Judicial Administration to contact individuals affected by court system cybersecurity incident

Court Systems Security Incident Recovery



Find a District Court