Pittsburgh’s transit authority was hit with a ransomware attack last week, causing temporary disruptions to the city’s public transportation system.
The ransomware attack, which was first detected on Dec. 19 according to a news release from Pittsburgh Regional Transit, caused temporary disruptions to rail service. Local news service WPXI Channel 11 originally reported that an internet outage was causing the city’s T rail cars to be delayed by 20 minutes, and several of the transit authority’s systems to go offline. However, by Monday, the city identified the disruption as a cybersecurity incident, and shared that transit services had returned to normal operations.
While the T rail had resumed its regular schedule this week, other rider services — including the authority’s Customer Service Center — remained impacted, and the authority was temporarily unable to accept or process senior and child ConnectCards, the release said.
The transit authority said that upon discovering the incident last week, it “immediately launched” an investigation by activating its Cyber Incident Response Team, notifying law enforcement and engaging “third-party cybersecurity and data forensics experts.” So far, it is unclear if any information was compromised, and a culprit has not been identified.
“PRT takes seriously the security of its systems and the data it stores. PRT is committed to providing public updates as the investigation evolves,” the news release said. “Due to the sensitive nature of the situation, specific details cannot be shared at this time.”
The cyberattack on Pittsburgh Regional Transit is the most recent attack on a public transit agency, which are often made targets for their caches of sensitive customer data and ability to cause disruption. Earlier this year, the Port of Seattle and the Seattle-Tacoma International Airport were hit with a ransomware attack that affected transit services, including baggage, check-in kiosks, ticketing, Wi-Fi, passenger display boards, the Port of Seattle website, the flySEA app and reserved parking. In 2020, Philadelphia’s Southeastern Pennsylvania Transportation Authority, or SEPTA, suffered a cyberattack that shut down its real-time bus and rail information for two weeks.
