On Friday the following message appeared on Muni ticketing systems: “You Hacked, ALL Data Encrypted.”
With the ticket machines out of order, Muni let customers ride light-rail trains free on Saturday and Sunday. Systems were back online on Sunday, and Muni posted the following statement on its website:
This cybercrime disrupted some of our internal computer systems including email. Transit service was unaffected and there were no impacts to the safe operation of buses and Muni Metro. Neither customer privacy nor transaction information were compromised.
According to several media outlets, someone using the name “Andy Saolis” — a pseudonym associated with similar attacks — is claiming responsibility for the attack. Muni wasn’t specifically targeted, Saolis wrote in an email to Fortune, but was the victim of an automated attack: “We Gain Access Completely Random and Our Virus Working Automatically !”
But even as fare payment systems came back online, the hackers reportedly demanded 100 Bitcoins in ransom, or approximately $73,000. And it is still not clear whether the attack was limited to the fare systems. The Bay Area news site Hoodline reports that the hackers claim to control 2,112 of the agency’s computers.
Image source: ImproveSF