The organization that runs the transit system for central Virginia dealt with a computer network disruption due to a cyberattack around the Thanksgiving holiday.
The Greater Richmond Transit Company provides bus and specialized transportation services for millions of people across Richmond, Chesterfield and Henrico Counties.
The spokesperson declined to answer further questions about whether it was a ransomware attack or whether data was stolen during the incident.
The service - which is owned jointly by the city of Richmond and neighboring Chesterfield County - conducted more than 8.7 million rides in 2022 and last year served about 31,200 riders per weekday.
The Play ransomware gang took credit for the attack, posting the organization on its leak site on Thursday.
The group gave GRTC until December 13 to pay an undisclosed ransom.
The ransomware gang has made a point of going after municipal services in 2023, launching devastating attacks on the city of Oakland, Dallas County and the Massachusetts city of Lowell.
Multiple public transit systems have faced attack over the last two years as they increasingly automate their services and systems.
The St. Louis region's Metro Call-A-Ride service for people with disabilities was attacked by ransomware actors in October, and a public transportation system for the state of Washington faced attack by a notorious ransomware gang in March.
The San Francisco Bay Area Rapid Transit was hit with ransomware in January, its second incident in recent years.
The transit bureau for Cape Cod, Massachusetts, took weeks to recover last year after a Memorial Day weekend ransomware attack, and the Toronto Transit Commission reported an attack in November 2021.
Vancouver, Montreal, Sacramento, Fort Worth, Philadelphia and Ann Arbor have all seen ransomware attacks on their transportation systems over the last five years.
New York City's Metropolitan Transportation Authority - one of the largest transportation systems in the world - was also hacked by a group based in China.
While the attack did not involve ransomware and did not cause any damage, city officials raised alarms in a report because the attackers could have reached critical systems and may have left backdoors inside the network.
Jonathan has worked across the globe as a journalist since 2014.
Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia.
He previously covered cybersecurity at ZDNet and TechRepublic.
This Cyber News was published on therecord.media. Publication date: Fri, 08 Dec 2023 17:55:24 +0000