Making good on its promise to wage cyberwar against Bay Area Rapid Transit (CA), the group Anonymous hacked BART’s customer website and released personal information. The group targeted myBART.org and published the names of at least 2,400 people along with their email addresses and passwords; in some cases addresses and phone numbers were published as well. MyBART is run by an outside vendor and is separate from BART’s main computer systems; the site allows riders to sign up for notification of contests, discounts, and events.
The hacker group was protesting BART’s decision to shut down wireless service at several stations as a public safety measure in anticipation of a protest last week; participants were planning to use mobile devices to coordinate their activities. Another protest is planned for Monday. “We’re going to take steps to make sure our customers are safe,” said BART spokesman Jim Allison. “The interruption of cell phone service was done Thursday to prevent what could have been a dangerous situation. It’s one of the tactics we have at our disposal. We may use it; we may not. And I’m not sure we would necessarily let anyone know in advance either way.” BART is taking steps to protect its main website and will inform customers whose information was posted. “We regret the inconvenience and stress that it’s created for customers,” Allison said. “We’re disappointed that they would do this,” he added in reference to the hackers. Link to full story in San Francisco Chronicle. Link to BART’s statement on the data breach.