Personal information of 3,226 people who used Luas tram services may have been compromised in a potential cyber-attack. The Dublin-based tram service operator stated that unknown intruders defaced its website and demanded a ransom of one Bitcoin.
In a social media post, Transdev, the company that operates the Luas, declared that its website got compromised and a message from the hackers was displayed on the home page, saying
“You are hacked … some time ago I wrote that you have serious security holes [but] you didn’t reply … the next time someone talks to you, press the reply button … you must pay 1 bitcoin in 5 days … otherwise I will publish all data and send emails to your users.”
The company stated the website has been taken down and they’re working on the issue.
“Due to an ongoing issue, please do not click onto the Luas website. We currently have technicians working on the issue. We will be using this forum only for travel updates should the need arise. For any queries, please contact our customer care number on 1850 300 604,” Luas post read.
There are various incidents of cyber-attacks on transport system earlier. On October 24, 2017, Ukraine’s Odessa airport and metro system in Kiev was targeted by a malware called “BadRabbit” and prompted state-run Computer Emergency Response Team (CERT) to ask transport networks to be on alert.
Also, a cybersecurity audit performed on the Washington Metro in July 2018, highlighted that the agency remains vulnerable to attacks that might endanger the security system. The audit report was submitted to Metro’s board of directors in late last month, but the key facts are being kept secret due to the risk from scammers.
The report specifically mentioned the Metro’s incident response measures and whether the security experts in the agency know how to detect and respond to a cyber-attack. In a response to the report, the Metro officials announced that they’re focussing on the security improvements in the entire transport system.