Some San Francisco public railway riders had a little more to be thankful for during the Thanksgiving weekend: free rides.
That’s according to Fortune, which reported hackers infiltrated a computer network used by San Francisco’s public railway system during the Thanksgiving weekend, interrupting ticketing service and giving some passengers free rides. The kiosks at the railway station were back up and running on Sunday (Nov. 27).
According to Fortune, even though the system is back up and running, the hackers are threatening to reveal 30 gigabytes of stolen employee and customer data. According to the report, the hackers are threatening to release the data if the agency doesn’t fix its security holes and pay a fee, which was not disclosed. The government agency has to pay up by Friday (Dec. 2), noted Fortune. While the San Francisco Municipal Transportation Agency declined to comment, Paul Rose, a spokesman for the agency, said there is an investigation underway into the hack, and that it wouldn’t be appropriate to provide details.
Fortune reported that, beginning on Friday afternoon, ticket machines at the railway read, “You Hacked, ALL Data Encrypted.” People were urged to contact an email address for a key to unscramble the data. Fortune cited a San Francisco Examiner report, which claimed hackers want 100 bitcoin, or around $73,000, in ransom. The hacker group, in response to an email from Fortune, said they were “Andy Saolis,” which Fortune said was a pseudonym linked to other ransomware attacks. Saolis said in the email that the railway attack was an automated one instead of a targeted attack that was able to exploit old software. Saolis said the breach goes beyond just the kiosks at the station.