Advertisement

Pittsburgh transit authority hit with ransomware attack

The transit authority said it's investigating a ransomware attack that briefly caused disruptions to the city's public transportation system.
Listen to this article
0:00
Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.
Pittsburgh
(Getty Images)

Pittsburgh’s transit authority was hit with a ransomware attack last week, causing temporary disruptions to the city’s public transportation system.

The ransomware attack, which was first detected on Dec. 19 according to a news release from Pittsburgh Regional Transit, caused temporary disruptions to rail service. Local news service WPXI Channel 11 originally reported that an internet outage was causing the city’s T rail cars to be delayed by 20 minutes, and several of the transit authority’s systems to go offline. However, by Monday, the city identified the disruption as a cybersecurity incident, and shared that transit services had returned to normal operations.

While the T rail had resumed its regular schedule this week, other rider services — including the authority’s Customer Service Center — remained impacted, and the authority was temporarily unable to accept or process senior and child ConnectCards, the release said.

The transit authority said that upon discovering the incident last week, it “immediately launched” an investigation by activating its Cyber Incident Response Team, notifying law enforcement and engaging “third-party cybersecurity and data forensics experts.” So far, it is unclear if any information was compromised, and a culprit has not been identified.

Advertisement

“PRT takes seriously the security of its systems and the data it stores. PRT is committed to providing public updates as the investigation evolves,” the news release said. “Due to the sensitive nature of the situation, specific details cannot be shared at this time.”

The cyberattack on Pittsburgh Regional Transit is the most recent attack on a public transit agency, which are often made targets for their caches of sensitive customer data and ability to cause disruption. Earlier this year, the Port of Seattle and the Seattle-Tacoma International Airport were hit with a ransomware attack that affected transit services, including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app and reserved parking. In 2020, Philadelphia’s Southeastern Pennsylvania Transportation Authority, or SEPTA, suffered a cyberattack that shut down its real-time bus and rail information for two weeks.

Keely Quinlan

Written by Keely Quinlan

Keely Quinlan reports on privacy and digital government for StateScoop. She was an investigative news reporter with Clarksville Now in Tennessee, where she resides, and her coverage included local crimes, courts, public education and public health. Her work has appeared in Teen Vogue, Stereogum and other outlets. She earned her bachelor’s in journalism and master’s in social and cultural analysis from New York University.

Latest Podcasts