Steve Ragan reports:
The person claiming responsibility for the attack on San Francisco’s MUNI says the SFMTA has lax security, and warns that if the ransom isn’t paid, they’ll release 30GB of compromised data.
The demands follow a weekend of headaches for SFMTA, after MUNI was targeted shortly before the Thanksgiving holiday, resulting in systems that were encrypted and held for a $73,000 ransom.
On Sunday, Salted Hash revealed that 2,112 MUNI systems were infected with hard drive encrypting malware.
Read more on Salted Hash.
Note that Threatpost was able to subsequently obtain a statement from SF MUNI. Tom Spring reports:
Paul Rose, a San Francisco Municipal Transportation Agency spokesperson told Threatpost in a statement that the attackers’ allegations are false and that no customer privacy or transaction information was compromised. “We have never considered paying ransom and don’t intend to. The attack did not penetrate our firewalls and we are able to restore systems through the work of internal staff,” Rose said.
Read more on Threatpost.