Pittsburgh Regional Transit hit by ransomware attack
Learn More
Pittsburgh Regional Transit (PRT) has disclosed a ransomware attack detected on Thursday, 19th of December 2024 that temporarily impacted rail services and continues to affect customer service operations. The incident primarily affected communications in the light-rail center for several hours and currently impacts the processing of Senior and Kid's ConnectCards at their Customer Service Center.
PRT activated their Incident Response Team, engaged third-party cybersecurity and data forensics experts, and notified law enforcement. While all transit services have returned to normal operation, the organization is investigating whether any information was compromised during the attack.
PRT has not disclosed details about the attack, including information about potential ransom demands or data access. Adam Brandolph, PRT spokesperson, stated they aim to be transparent but are limited in sharing details during the active investigation phase.
Update - as of 7th of January 2025, Pittsburgh Regional Transit reports that the incident investigation confirmed that sensitive personal information was potentially compromised during the attack. The exposed data includes:
- Social Security numbers
- Driver's license numbers
- Personal information of job applicants
- Personal information of past employees
- Personal information of current employees
The number of individuals affected by this breach has not been disclosed. At least 69 employees, former employees and job applicants were impacted.
