Pittsburgh Transit Authority Targeted in Ransomware Attack
The Pittsburgh Regional Transit (PRT) authority experienced a ransomware attack last week, causing temporary disruptions to the city’s public transportation system.
The attack, initially detected on December 19, briefly affected rail services, according to a statement from PRT. Initially reported by WPXI Channel 11 as an internet outage, the incident caused delays of up to 20 minutes for the city’s T rail cars and took several key systems offline. By Monday, authorities confirmed the disruption was a cybersecurity incident, and transit services had returned to normal operations.
While T rail services have resumed their regular schedules, other operations remain affected. The authority’s Customer Service Center is still experiencing disruptions, and PRT has temporarily halted processing senior and child ConnectCards, the agency noted in its statement.
Cybersecurity Response and Investigation
Upon discovering the attack, PRT immediately activated its Cyber Incident Response Team, engaged third-party cybersecurity and forensic experts, and notified law enforcement. The investigation is ongoing, and officials have yet to confirm if any sensitive information was compromised or identify the perpetrators.
“PRT takes seriously the security of its systems and the data it stores,” the agency said. “We are committed to providing public updates as the investigation evolves. However, due to the sensitive nature of the situation, specific details cannot be shared at this time.”
A Growing Target for Cyberattacks
The ransomware attack on Pittsburgh’s transit authority highlights the increasing vulnerability of public transit agencies to cyber threats. These organizations often hold significant amounts of sensitive customer data and are critical to city operations, making them attractive targets for attackers.
Similar incidents have affected other transit systems. Earlier this year, the Port of Seattle and Seattle-Tacoma International Airport were hit with a ransomware attack that disrupted various services, including baggage handling, ticketing, and public Wi-Fi. In 2020, Philadelphia’s Southeastern Pennsylvania Transportation Authority (SEPTA) suffered a cyberattack that shut down real-time bus and rail information for two weeks.
As the Pittsburgh investigation continues, it serves as a reminder of the importance of robust cybersecurity measures to protect essential infrastructure and the public services it supports.
