San Francisco public transit system hit in ransomware attack

(Reuters) - The San Francisco Municipal Transportation Agency said on Monday it had contained a cyber attack, which local media reported had crippled its ticketing systems and forced it to offer free service to some customers during the Thanksgiving weekend.

The agency, known widely as Muni, said it was the victim of a ransomware attack on Friday that disrupted some internal computer systems, including email, but had no impact on safe operation of its transit services.

“The situation is now contained and we have prioritized restoring our systems to be fully operational,” Muni said in a statement on its website early on Monday morning.

Representatives of Muni, which operates buses, subway lines and San Francisco’s iconic cable cars, could not be reached for further comment.

The attack is the latest high-profile intrusion with ransomware, a type of computer virus that scrambles data on infected machines, disrupting operations of organizations that rely on computers to deliver services. Criminals typically offer to restore data in exchange for ransoms ranging from few hundred dollars to tens of thousands of dollars or more.

The San Francisco Examiner reported that somebody who claimed to have launched the attack told the newspaper that they had demanded a $73,000 ransom, the San Francisco Examiner reported.

Reuters was unable to confirm details of the extortion demand or determine if payment had been made.

Muni allowed free rides on its vehicles during the weekend because the attack disrupted ticket-selling systems and caused screens on kiosks to display the phrase “You Hacked, ALL Data Encrypted,” according to the Examiner.

Representatives of the U.S. Federal Bureau of Investigation, which investigates many cyber crimes, said they had no immediate comment.