The website of the tram system in Dublin, theLuas, was hacked on Thursday, attackers claim to have the access to information stored on the organization’s systems.
Attackers defaced the website of the Luas, the home page displayed a message demanding the payment of 1 bitcoin. The hackers asked the payment within 5 days threatening to “publish all data and send emails to users” if the demand is not satisfied.
“Some time ago I wrote that you have serious security holes. You didn’t reply. The next time someone talks to you, press the reply button,” reads the message left by the attackers on the website.
Luas initially warned customers of the hack and invited them to avoid accessing the website “due to an ongoing issue,” the organization later confirmed that the website was compromised.
At the time of writing, the website of the Luas is still offline. the analysis of the bitcoin address provided by the attackers confirmed that organization did not pay the ransom.
It is not clear if the hackers have stolen data, Luas only collect some specific customers’ data, including name, mobile phone number, and email address.
The compromised site doesn’t contain financial data because customers buy tickets on a different website (payments[.]luas.ie) that was not affected by the hack.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.