San Francisco transportation system hit with ransomware

Computer systems tied to San Francisco’s Muni public transportation lines have been infected by ransomware, giving riders a free pass on the city’s bus, train and trolley services.

The system’s computers, which had been compromised prior to Thanksgiving, displayed the message “You Hacked, ALL Data Encrypted.” Fare terminals had signs attached that said “out of service” and “free Muni” on Saturday, according to local media.

“There’s no impact to the transit service, but we have opened the fare gates as a precaution to minimize customer impact,” Muni spokesperson Paul Rose told San Francisco’s CBS affiliate. “Because this is an ongoing investigation it would not be appropriate to provide additional details at this point.”

Additionally, the hack may delay Muni employees from being paid.

According to CSO Online, the attackers are asking for 100 BTC, which comes to $73,184 as of the time of this article’s publication.

Ransomware has been an extremely popular attack method in over the past 18 months. These systems are often poorly designed, making it hard to return computer systems to normal even if ransoms are paid.

Last year, Muni announced a new mobile payment option for riders to pay for their rides. It was unclear at the time of publication how the app was affected. 

Additionally, there may be more businesses dealing with ransomware than the private sector community cares to talk about. While laws and regulations vary across states and countries, staying silent can be illegal. The specifics depend on a variety of factors including what kind of data was exposed, how it happened and where the breach took place. What stays the same is the perception that disclosure may be more trouble than it’s worth.

This story originally appeared on Scoop News Group’s CyberScoop publication.