Operator Transdev advises users not to click on the Luas website until restoration is complete.
Luas, Dublin’s tram and light rail system, had its website taken down after being hacked by an unidentified attacker demanding to be paid in bitcoin, the Irish Examiner reported yesterday.
The Luas website was taken down yesterday by operator Transdev yesterday morning, issuing a notice that states the site is “undergoing restoration following a cyber-attack.”
The report states that the attack could have compromised the records of the 3,226 people who signed up for the system’s newsletter. Consequently, the hacker is demanding payment of one bitcoin (about €3,400) within the next five days.
If such payment isn’t received, they’re threatening to publish all data.
According to the Examiner, the attack follows earlier correspondence between the attacker and the tram operator, in which they told the company that its website had “serious security holes.”
Fortunately, Transdev says that none of that compromised data has been financial, and will reportedly be writing to the affected users “within the next 24 hours.”
Irish cybersecurity company Smarttech 247 says that the attack on Luas is likely to be “the first of many in 2019,” and encourages companies and the public to make sure their PC’s are protected against ransomware.
“Although it’s only three days into the new year Smarttech247 team have already seen a sharp rise in ransomware attacks.” Ronan Murphy, Smarttech 247 CEO commented. “These are primarily spreading via email where they appear to be a Microsoft document (word, excel). The Ransomware will attack any server or computer which does not have adequate protection and this includes web servers that host websites and applications.”
Additionally, Luas sent out a tweet earlier yesterday morning, urging its users not to click on the Luas website until the site has been restored.
Source: Irish Examiner