The alleged hacker spread malware “for money, nothing else.”
The deals didn’t end on Black Friday for many San Francisco commuters.
A city-wide hack of the San Francisco Municipal Transportation Agency (SFMTA) meant free rides for all on Saturday.
“You hacked, ALL data encrypted,” read MTA computer screens across the Bay Area, according to the San Francisco Examiner. The message included an email to contact “for key.”
The SFMTA did not immediately respond to PCMag’s request for comment, but confirmed the breach to local CBS news affiliate KPIX 5.
As to how the infection occurred, it looks as though an employee of SFMTA is to blame. A PC on the agency’s network with “admin level” access was used to download a software keycode generator typically used to create keys to bypass software license fees. The generator carried the malicious code which locked down the network when it was run.
“There’s no impact to the transit service, but we have opened the fare gates as a precaution to minimize customer impact,” the transit agency said. “Because this is an ongoing investigation it would not be appropriate to provide additional details at this point.”
Citing “inside sources,” KPIX 5 reported that the system had “been hacked for days,” and the outage may affect employees, who are allegedly worried about a missing paycheck for the week.
The cyberattack also impacted the Municipal Transportation Agency’s email system, KPIX 5 said.
Some payment systems and station agency computers were restored by Sunday, according to the Examiner, which tipped a 100 Bitcoin ($73,000) ransom in exchange for regaining access to the systems.
PCMag contacted the email address provided via the hacked MUNI screens, but have not received a reply. Someone calling themselves “Andy Saolis,” however, responded to the newspaper’s request, claiming to have spread the malware “for money, nothing else.”
“I hope it’s help to company to make secure IT before we coming !” Saolis wrote in an email to the Examiner.