San Francisco’s Bay Area Rapid Transit suffered a ransomware attack that exposed highly sensitive and personal data.
Vice Society, a prolific ransomware group, claimed responsibility for the attack and posted screenshots of the allegedly stolen data.
The data contained a long list of files titled “master employee list,” “background disposition” reports, crime lab reports, police reports, and a “suspected child abuse report.
Source: https://www.databreaches.net/ransomware-attack-exposes-california-transit-giants-sensitive-data/
TPRM report: https://scoringcyber.rankiteo.com/company/bart
"id": "bar222512123",
"linkid": "bart",
"type": "Ransomware",
"date": "01/2023",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'industry': 'Transportation',
'location': 'San Francisco, CA',
'name': 'Bay Area Rapid Transit',
'type': 'Public Transportation'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Sensitive Data']},
'description': 'San Francisco’s Bay Area Rapid Transit suffered a ransomware '
'attack that exposed highly sensitive and personal data.',
'impact': {'data_compromised': ['master employee list',
'background disposition reports',
'crime lab reports',
'police reports',
'suspected child abuse report']},
'motivation': 'Data Theft and Ransom',
'ransomware': {'data_exfiltration': True},
'threat_actor': 'Vice Society',
'title': "Ransomware Attack on San Francisco's Bay Area Rapid Transit",
'type': 'Ransomware Attack'}