Private data of TheBus and Handi-Van customers appears to have been hacked in an alleged ransomware attack on the company that operates the transportation services. The websites for TheBus and Handi-Van have been down for four days as the alleged attack continues.
This is the second hack of Oahu Transit Services in three years, and the FBI and Hawaii Police Department are investigating. Meanwhile, the city's Department of Transportation Services said that the breach began around 1 a.m. Saturday.
“Our phones went down, our OTS system went down and it became pretty obvious that it was an outside intrusion into the system,” stated Roger Morton, director of the city Department of Transportation Services. “What OTS did was immediately severed all the connections to other systems that they have.”
The bus and the handi-van continue to run their routes. However, the city claims that websites, GPS, and the Holo card were purposely shut down to safeguard people's data. It might be too late, though.
Falcon Feeds, an India-based cybersecurity company that monitors "threat actors," shared a screenshot on its X social media account claiming that "Oahu Transit Services Falls Victim to DragonForce Ransomware.”
DragonForce claims to have 800,000 pieces of data and has given OTS 10 days from Tuesday to pay the ransom.
“That’s from the DragonForces dark platform, where they shame most of these victims,” noted Nandakishore Harikumar, Falcon Feeds CEO and founder. “Every data breach, even if it’s leaking one line of data, we believe it’s serious.”
DragonForces is based in Malaysia, but Harikumar is unsure whether the firm that posted the ransom is legitimate or an imposter. Falcon Feeds published screenshots of the data, which included names, addresses, and bus or Handi-Van card ID types. Hawaii News Now masked the private data.
“We have not paid any ransom,” stated Morton, who added it’s against policy to pay ransoms. “They’re methodically putting the system back. Part of that is disinfecting hundreds of work stations on the chance that they might hold some kind of virus on them.”
DTS won't confirm a ransomware incident and claims it is being investigated. Meanwhile, Oahu Transit Services has responded to media requests through a Gmail account. According to Morton, OTS expects all online systems to be operational again Wednesday.
