Pittsburgh Regional Transit (PRT) suffered a **ransomware attack** on **December 19**, disrupting critical transit operations. The attack caused **temporary outages** in the city’s **T rail system**, leading to **20-minute delays** and forcing several systems offline. While rail services resumed normal operations by the following week, other key functions—such as the **Customer Service Center** and processing of **senior/child ConnectCards**—remained impaired. PRT activated its **Cyber Incident Response Team**, engaged **third-party forensics experts**, and notified law enforcement, but the extent of data compromise (if any) and the attacker’s identity remain undisclosed.The incident highlights the vulnerability of **public transit agencies**, which are frequent targets due to their **sensitive customer data** and potential to cause **large-scale operational disruptions**. Similar attacks have previously crippled transit systems, including the **Port of Seattle (2023)** and **SEPTA (2020)**, where real-time transit information was knocked offline for weeks. PRT emphasized its commitment to security but withheld specifics, citing the **ongoing investigation’s sensitivity**. The attack underscores the growing threat of **ransomware against critical infrastructure**, risking **public safety, financial losses, and reputational damage**.
Source: https://statescoop.com/pittsburgh-transit-authority-hit-with-ransomware-attack/
TPRM report: https://www.rankiteo.com/company/pittsburgh-regional-transit
"id": "pit820090225",
"linkid": "pittsburgh-regional-transit",
"type": "Ransomware",
"date": "6/2020",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{'affected_entities': [{'industry': 'transportation',
'location': 'Pittsburgh, Pennsylvania, USA',
'name': 'Pittsburgh Regional Transit (PRT)',
'type': 'public transit authority'}],
'customer_advisories': 'Disruptions to ConnectCard processing and Customer '
'Service Center acknowledged',
'date_detected': '2023-12-19',
'date_publicly_disclosed': '2023-12-25',
'description': 'Pittsburgh’s transit authority (Pittsburgh Regional Transit, '
'PRT) was hit with a ransomware attack on December 19, causing '
'temporary disruptions to the city’s public transportation '
'system, including delays in T rail service (20-minute delays) '
'and offline systems. By December 25 (Monday), transit '
'services returned to normal, but other rider services (e.g., '
'Customer Service Center) and ConnectCard processing for '
'seniors/children remained impacted. PRT activated its Cyber '
'Incident Response Team, notified law enforcement, and engaged '
'third-party cybersecurity experts. No confirmation yet on '
'data compromise or culprit identification.',
'impact': {'downtime': {'ConnectCard processing': 'ongoing as of Dec 25',
'Customer Service Center': 'ongoing as of Dec 25',
'T rail': '~1 week (Dec 19–Dec 25)'},
'operational_impact': 'Temporary disruptions to rail and rider '
'services',
'systems_affected': ['T rail service (20-minute delays)',
'Customer Service Center',
'ConnectCard processing (senior/child cards)',
'Online systems (unspecified)']},
'investigation_status': 'ongoing (culprit and data compromise unclear)',
'ransomware': {'data_encryption': 'likely (systems taken offline)'},
'references': [{'date_accessed': '2023-12-25',
'source': 'Pittsburgh Regional Transit News Release'},
{'date_accessed': '2023-12-19',
'source': 'WPXI Channel 11 (local news)'}],
'response': {'communication_strategy': 'Public updates via news release; '
'limited details due to sensitivity',
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'recovery_measures': 'Restored T rail service by Dec 25; ongoing '
'recovery for other systems',
'third_party_assistance': True},
'stakeholder_advisories': 'Public updates committed as investigation evolves',
'title': 'Ransomware Attack on Pittsburgh Regional Transit (PRT)',
'type': 'ransomware'}