Oahu Transport Services (OTS), a private contractor, was the target of the attack. It manages several public transportation services in Honolulu. On Thursday, December 9, OTS faced a cyberattack that shut down its online servers. The attack has affected the websites as well as real-time location services of TheBus and TheHandi-Van. It also made HOLO cards, a smart card system for public transport, inoperable. According to reports, the affected websites remained inaccessible on Monday, December 13. On a positive note, OTS officials stated that TheBus has resumed regular operations, and users can once again make payments with their HOLO cards.
No Personal Information Compromised in the Attack
Honolulu officials believe the attack has all the signs of a ransomware attack. However, Roger Morton, director of the Department of Transportation Services, said the city has not received any payment demands as of yet. Thankfully, the attack did not lead to a data breach of users’ personal information. This is because OTS servers are separate from those of the city. Initial investigations did not find evidence of any data theft.
Statement by the FBI
The FBI said it is looking into the cyber attack along with its federal, state, and local partners. The agency is also providing resources to help OTS resolve the intrusion. Steven Merrill, FBI Special Agent in Charge, said, “we are currently working with our inter-agency partners to identify those responsible for this crime.” “As always, the FBI is focused on ensuring our partners at Oahu Transit Services have everything they need to return to normal operations, and we will do everything we can to impose risk and consequences on those responsible for this attack,” Merrill added.
Further Attacks on Honolulu Public Bodies
Worryingly, two other public bodies in Honolulu faced cyber attacks. On Sunday, December 12, the Honolulu Emergency Medical Services and the Honolulu Board of Water supply faced a scare after their third-party time-keeping system faced a ransomware attack. Kronos, the company that provides the pay-roll software, said the attack “may force its systems offline for weeks.” A representative from the Mayor’s office said that no employee or customer information was compromised. However, the Board of Water supply has advised its employees to look out for suspicious credit card activity.