Kansas City, Kansas Police Department data leaked online

A notorious hacker group has allegedly leaked data stolen from the Kansas City, Kansas Police Department (KCKPD) after a failed ransomware negotiation.

The BlackSuit ransomware cartel posted KCKPD on its dark web blog, which the gang uses to showcase its latest victims. The attackers included an extensive data list, including case reports, what appears to be a fingerprint database, employee data, and other sensitive details.

We reached out to KCKPD for comment but did not immediately receive a reply. Meanwhile, the attackers attempted to blame the organization for the data leak.

“Kansas police said they will not pay a ransom after voluntarily agreeing to have their case files made public. Trust your police,” the attackers said on their dark web blog.

Ransomware cartels employ aggressive tactics to coax victims into meeting attackers’ ransom demands. One tactic is threatening to leak stolen data until the victim succumbs. In other instances, attackers leak the data bit by bit, to showcase willingness to leak damaging sensitive data.

BlackSuit Kansas
Post on the attackers' dark web blog. Image by Cybernews.

BlackSuit’s post on KCKPD’s attack supposedly includes swaths of sensitive police information, from payroll data to homicide crime scene photos and evidence room information. The information appears to be as recent as April 2024.

KCKPD serves over 156,000 residents of Kansas City, Kansas, the inner suburb of a more populous city of Kansas City, Missouri.

The alleged perpetrators of the attack, the BlackSuit ransomware gang, are suspected to be a rebrand of the cybercriminals formally known as Royal, which was a rebrand of another notorious ransomware cartel Conti.

The BlackSuit cartel emerged in May 2023, and, according to Cybernews’ ransomware monitoring tool Ransomlooker, the gang has been among the most active cartels, having victimized at least 58 organizations in 2024 alone.