San Francisco Metro Hackers Threatening to Leak Customer, Contracts Info

November 28, 2016

The San Francisco transit system (MUNI) suffered a ransomware attack the last weekend, and all its systems got infected with malware that eventually led to everyone getting free rides on Friday evening and Saturday in most stations.

Furthermore, the ransomware that the hackers used demanded the MUNI to pay 100 Bitcoin ($73,000) in exchange for removing the malware and restoring the full functionality of the service.

Reports that were published in the last few hours cite the hacker as revealing that San Francisco authorities ignored these requests, so he is now threatening to leak no less than 30 GB of data that includes details about customers, contracts, and employees.

“To have more impact to company to force them to do right job!” the hacker told Motherboard in a statement when asked why he plans to leak the information. “Anyone see something like that in Hollywood movies but it’s completely possible in real world!”

While the San Francisco MUNI officials haven’t provided updated statements on this case, the hacker blames authorities for the attack, explaining that it all happened “to show to you and proof of concept, company don’t pay attention to your safety.”

MUNI: No data was compromised

At the moment of writing this article, MUNI systems are working normally in the majority of stations, but without official statements from the transit system’s officials, it’s not yet clear whether the malware has been removed completely or not.

The hacker says that he is still in control of some computers, and his previous statements indicated that the ransomware automatically infects the other systems in the network, which could be living proof that security engineers at MUNI are still trying to deal with the attack.

Read full story…