Officials in Leavenworth, Kansas, say a cyberattack behind a Nov. 19 network outage is still disrupting invoice, permitting and hiring systems, though emergency services remain unaffected.
The city first reported a “network outage affecting city services” on Nov. 19 after computer and phone systems began failing late that morning. Outside information technology experts were brought in to investigate, and on Nov. 25 the city confirmed the disruption “stemmed from a cyber-attack.”
The incident affected the city government’s internal network rather than the broader internet or utility infrastructure. Local reporting from the Leavenworth Times has also described the event as a cyberattack on the municipal computer network.
City officials say multiple back-office and public-facing functions may need manual workarounds “for the near future,” including invoice processing for vendor payments, online permits and inspections, and emailed employment applications. Residents and contractors are being told to use mail or in-person drop-off options for permit requests and job applications at City Hall.
During the initial outage, Leavenworth reported limited phone and email access and a reduced ability to issue licenses and permits. Emergency operations were described as “still fully functioning and not affected,” indicating 911, police and fire services remained online.
Chip in once
If this reporting helped you, a one-time tip helps cover hosting, tools and future investigations.
Support us monthly
A small monthly pledge keeps independent coverage and our reader tools online for everyone.
Vendors may see delays in payment processing, and residents who rely on online permitting and inspection tools are facing additional paper steps until systems are fully restored.
In its Nov. 25 update, the city said it was “working around the clock” to resolve ongoing system disruptions and did not yet have a timeline for restoring full operations.
On Dec. 4, the Leavenworth Times reported that City Manager Scott Peterson described the city’s computer network as “mostly functional” following the cyberattack, while noting the incident occurred roughly two weeks earlier. That suggests core services are back online but some systems may still be degraded or running on temporary fixes.
Officials say they are continuing a technical investigation with outside experts and have not announced a full all-clear for city technology systems.
City leaders said their investigation has “determined that our issues stemmed from a cyber-attack” and emphasized that the privacy and security of information entrusted to the city is a top priority.
Leavenworth also said it is “not presently aware of any compromise of sensitive information” tied to the incident, but stressed that potential data exposure remains an active focus. Officials have pledged to notify individuals if they later find that personal or sensitive data were accessed.
Kansas has seen a string of disruptive cyber incidents, from a 2023 ransomware attack on the Kansas Judicial Branch that forced statewide courts offline to more recent outages at Rainbow Communications, Susan B. Allen Memorial Hospital and Atchison County that cut phone service, delayed care and closed county offices.
Similar attacks have hit city governments in Mentor, Ohio; Attleboro, Massachusetts; and La Vergne, Tennessee, disrupting phones, email and internal systems while core public safety services stayed online.
Leavenworth is a city of about 37,000 people in northeastern Kansas and serves as the seat of Leavenworth County along the Missouri River. It is also home to Fort Leavenworth and several major federal and military prison facilities.
City officials say the forensic investigation and system restoration work will continue, with further updates promised as they learn more. They have not publicly identified the type of malware or technique used, whether any ransom demand was made, or whether law enforcement or federal cyber agencies are formally involved.
Residents, contractors and job applicants who rely on online city services are being urged to use mail or in-person drop-off options for permits, inspections and applications until the city announces that its portals and email workflows are fully restored.
