Off the wire
Roundup: UN official says difficult to restart Cyprus reunification negotiations  • Mozambican president pays tribute to late Cuban leader  • Ex-football coach charged with abuse offences  • Burundi gov't condemns assassination attempt against senior official  • Hungarian, Bangladeshi PMs meet to outline cooperation  • Roundup: Rwanda opens investigations on 20 French officials over genocide  • Newest Land Rover discovery to be produced in Slovakia  • Smogathon initiative examines counter-smog solutions in Poland  • Interview: Ghana police are prepared to safeguard peaceful polls: Spokesman  • Spanish stock market rises 0.55 pct, closes at 8,667 points  
You are here:   Home

San Francisco transit agency says no data stolen in ransomware attack

Xinhua, November 30, 2016 Adjust font size:

The San Francisco Municipal Transportation Agency (SFMTA) clarified on Tuesday that a ransomware attack last weekend targeted about 900 of its office computers and its payroll system was intact.

Apparently in response to a blog posting a day earlier that hackers were threatening to expose 30 gigabytes of stolen employee and customer data, the SFMTA acknowledged that the ransomware encrypted some systems mainly affecting office computers, as well as access to various systems, but its network was not breached from the outside, nor did hackers gain entry through its firewalls.

In addition to its statement that operations and safety of the public transportation systems, including buses and light rail trains, were not affected during the Thanksgiving weekend, the agency said "our customer payment systems were not hacked. Also, despite media reports - no data was accessed from any of our servers."

"The SFMTA's payroll system remained operational, but access to it was temporarily affected," the agency said in a statement posted on its website. "There will be no impact to employees' pay."

The SFMTA, also known as Muni, turned off ticket machines and faregates in the Muni Metro subway stations, starting Friday through 9 a.m. on Sunday, as a precaution to minimize potential risk or inconvenience to Muni customers.

The San Francisco Examiner reported earlier that an alleged hacker said the attackers only accept Bitcoin, an electronic form of currency, and demanded 100 Bitcoin, equivalent to about 73,000 U.S. dollars, from the SFMTA.

Increasing a form of cyber attack by criminals with aim to gain financially, ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

In its statement, the SFMTA said it has never considered paying the ransom. Rather, "upon discovering the malware, we immediately contacted the (U.S.) Department of Homeland Security (DHS) to identify and contain the virus. We are working closely with the Federal Bureau of Investigation (FBI) and DHS on this matter."

The SFMTA said it has an information technology team in place to restore systems, and existing backup systems has allowed the agency to get most affected computers up and running on Tuesday morning, and the remaining computers were expected to be functional in the next day or two. Endit