A ransomware attack against San Francisco’s Bay Area Rapid Transit exposed highly sensitive and personal data after a threat group leaked the records.
According to screenshots sent to Cybersecurity Dive, the allegedly stolen data consists of a long list of documents with names like "master employee list," "background disposition" reports, crime lab reports, police reports, a "suspected child abuse report," a controlled substances examination report for heroin, and other highly sensitive and private information.
TPRM report: https://scoringcyber.rankiteo.com/company/bart
"id": "bar41328823",
"linkid": "bart",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Transportation',
'location': 'San Francisco',
'name': 'Bay Area Rapid Transit',
'type': 'Public Transportation'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['employee data',
'background reports',
'crime lab reports',
'police reports',
'child abuse reports',
'controlled substances '
'examination reports']},
'description': 'A ransomware attack against San Francisco’s Bay Area Rapid '
'Transit exposed highly sensitive and personal data after a '
'threat group leaked the records.',
'impact': {'data_compromised': ['master employee list',
'background disposition reports',
'crime lab reports',
'police reports',
'suspected child abuse report',
'controlled substances examination report for '
'heroin']},
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'Cybersecurity Dive'}],
'title': 'Ransomware Attack Against Bay Area Rapid Transit',
'type': 'Ransomware'}