The Maryland Transit Administration says it is actively investigating a cybersecurity incident, namely a ransom attack, that has rendered it unable to accept new requests for rides for its Mobility paratransit service for the disabled.
MTA, which says on its website that it's responsible for "one of the largest multi-modal transit systems in the United States," said that it's "actively investigating a cybersecurity incident that involves unauthorized access to certain systems" with assistance from the Maryland Department of Information Technology.
The good news is that MTA said its "core services (Local Bus, Metro Subway, Light Rail), MARC, Mobility [sic], Call-A-Ride, and Commuter Bus are operating normally." It's also planning to continue to offer Mobility rides that were booked prior to the incident; it just doesn't have the requisite systems in place to handle requests for new rides.
"The agency is actively working to resolve this issue as quickly and securely as possible and will provide updates as they become available," MTA said. "In the meantime, eligible riders should consider using the Call-A-Ride program, which can be accessed at www.mtacallaride.org or (410) 664-2030." (Guidelines can be found here.)
This isn't a one-off incident. Ransomware gangs seem to be making a habit of targeting these services: The Record reported that "over the last two years, cities in Missouri, Virginia, and other states have had to provide alternatives to disabled residents after cyberattacks or ransomware incidents took critical systems offline."
"Our primary goal is to ensure the safety and security of our transit customers and employees," MTA said. "MDOT/MTA are working with our partners to support all communities impacted. We will work with our media partners to keep the public updated."
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
