San Francisco’s Mass Transit Targeted in Hacking Event

It’s something straight out of a Hollywood cyber thriller: hackers infiltrate a city’s infrastructure and cause chaos at every turn, starting with the transit systems.

Traffic lights all over the city blink at random, causing multi-car pileups. Trains derail and hit head on as the rail patterns are jumbled. Planes land at the wrong airports and taxis can no longer rely on their navigation systems. At the same time, the utility companies fight to keep up with the onslaught of misinformation coming across their screens.

While that might be scary fun in a fictional movie, the reality of it was far less amusing for one west coast city…and far less dramatic, too.

San Francisco’s Municipal Transportation Agency was hacked by cybercriminals who demanded payment in Bitcoin—about $70,000 worth—in order to release control of the network back to Muni authorities. The Muni system only suffered a delay to its payment kiosks, but no actual transportation services were affected.

In essence, all the hackers managed to do was disrupt around 2,000 payment terminals and allowing for everyone to travel for free. To ironically quote the popular children’s saga of Thomas the Tank Engine, they “caused confusion and delay,” but didn’t create any conditions of serious consequence. Muni quickly iterated that no safety protocols had been disrupted, and no customer payment information had been accessed or tampered with as a result of this incident.

This type of ransomware attack has been on the rise, and 2016 saw a noticeable increase targeting  the public service sector. Many of the victims this year were medical centers and hospitals, as the risk of lawsuits due to disrupted patient care or the fines for HIPAA violations would be far more astronomical than whatever ransom the criminals demanded. With the attacks on a city’s transit system, this may be a newly discovered revenue stream for cybercriminals who know what damage can be caused by blocking the infrastructure in a major metropolitan city.

As always, anyone who believes their identity has been stolen or their personal data has been compromised is invited to connect with the ITRC through our toll-free call center at (888) 400-5530, or on-the-go with the new IDTheftHelp app for iOS and Android.

Pin It


ITRC Sponsors and Supporters 





Go to top


The TMI Weekly

Breaches here, identity theft there and invasions of privacy everywhere... Should you be worried and, if so, how can you protect yourself? Sign up now to receive The TMI Weekly and get the latest hot topics in identity theft, data breaches and privacy and helpful information on how to protect your information.