This site uses cookies to improve your experience and to provide services and advertising. By continuing to browse, you agree to the use of cookies described in our Cookies Policy. You may change your settings at any time but this may impact on the functionality of the site. To learn more see our Cookies Policy.
OK
Dublin: 12 °C Tuesday 10 December, 2019
Advertisement

At least 3,226 user records compromised in Luas cyber attack

The records of those who had signed up for the Luas newsletter had been compromised, Transdev said this afternoon.

Updated Jan 3rd 2019, 7:12 PM

2003 New Luas_90532349 Source: Leah Farrell/RollingNews.ie

THE LUAS WEBSITE is down for the day after being hacked.

Luas operator Transdev said that the attack was “professional” and that the site is being analysed to see how the attack happened. It said:

We have identified 3,226 user records at this point of the investigation which may have been compromised.

“These are the records of where people signed up to a Luas newsletter. Luas will write to these people within the next 24 hours informing them of the potential breach.”

No financial information has been compromised in this attack, it added. Luas is also in contact with the Data Protection Commissioner.

Visitors to Luas.ie are met with a note demanding payment of one bitcoin, currently worth €3,385.

“You are hacked,” the message read:

PastedImage-92603

It continued: “Some time ago I wrote that you have serious security holes. You didn’t reply the next time someone talks to you, press the reply button.”

The message then demanded payment of one bitcoin within the next five days, or else the hacker claims they will “publish all data and send emails to your users”.

In a tweet, Luas said all travel updates will be provided on Twitter until technicians regain control of the website.

It later said that it will take about a day to resolve the issue with the website.

Transdev said that it would take the day to resolve, and that it would notify its customers when the website is back online:

The website has been taken down by the IT company who manage it, and their technicians are working on it.

Luas are informed this may take the day to resolve. We will update customers via Twitter and Facebook, AA Roadwatch and the media should there be any change to Luas services today.
One possibility is that the hack was a ransomware attack.

This involves finding a security weakness on the website or using leaked or phished login credentials, and using this to install malicious software on computers or servers connected to the site.

The software then locks down the computer’s files using powerful encryption. The hacker will often offer to provide the decryption code in return for payment, to allow owners to regain access.

Another is that the data was stolen in a hack, rather than ransomware being used.

- with reporting from Gráinne Ní Aodha

  • Share on Facebook
  • Email this article
  •  

About the author:

Nicky Ryan

Read next:

COMMENTS (52)

This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel