Dublin-based Tram System Website Hacked 1 bitcoin Demanded as Ransom

Luas, a Dublin-based tram operator was forced to shut down their website after a data breach. The details of over 3000 users is believed to have been compromised during a cyberattack which was performed sometime around January 3rd. Accessed details fortunately contain no financial information as was clarified by a company representative.

Users who earlier tried to access the luas.ie website were greeted with a somewhat ominous message which read in full:

“You are hacked. Some time ago, I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the reply button. You must pay 1 bitcoin in 5 days, otherwise I will publish all data and send emails to your users.”

It should be noted that at the time of writing, 1 bitcoin is the equivalent of over 3000 Euros. The message concluded with a bitcoin address where the hacker(s) looks forward to receiving payment. As of now, there’s no guarantee Luas will pay the ransom. In response to this, the website has been temporarily shut down and a reply posted on Twitter on January 3rd:

“Due to an ongoing issue, please do not click onto the Luas website. We currently have technicians working on the issue. We will be using this forum only for travel updates should the need arise. For any queries, please contact our customer care number on 1850 300 604.”

Later that day, another tweet followed:

“The Luas website was compromised this morning , and a malicious message was put on the home page. The website has been taken down by the IT company who manage it, and their technicians are working on it. Luas are informed this may take the day to resolve.”

Because the website is currently offline, Luas suggested to their members to follow them on Twitter for any updates. We’ll be looking out on Twitter as well for any info relating to who perpetrated the attack and when the website will be ready for online use.

 

 

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil