Dublin’s Luas tram system threatened with private data leak

Hackers defaced the Luas website and demanded a ransom in Bitcoin.

Chinese ransomware scheme infects 100,000 but it has made a fatal mistake Ransomware authors might have shot themselves in the foot by handling payments via WeChat. Local law enforcement could track ransom payments.

Hackers have threatened Dublin's tram system Luas with the leak of private data should the company fail to pay a ransom in Bitcoin.

On Thursday, the tram service provider, operational in Ireland, informed customers of the security incident in a message posted to Twitter, saying that the website was "compromised" and a "malicious message was put on the home page," viewable to early visitors visiting the domain to look up routes and find information relating to the service.  

screenshot-2019-01-03-at-14-04-40.png

Earlier on in the day, Luas had asked customers not to visit the website due to an "ongoing issue." Physical services are running as normal; however, at the time of writing, the Luas website is offline. 

The message in question left behind when the Luas website was defaced claimed that the service had been previously told about severe security deficiencies in the website, but no action was taken. 

See also: Chinese hackers tap into EU diplomatic communications network

As a result, the cybercriminals responsible demanded one Bitcoin (BTC) to be paid within five days, the current equivalent of $3,843, or data that has allegedly been stolen would be published. 

screenshot-2019-01-03-at-14-05-02.png

The ransom message.

CNET: US charges Chinese hackers with 'massive theft' from NASA, Navy and tech sector

The threat of data theft may or may not be genuine, but it should be noted that while the main Luas domain is down to allow technicians to regain control of the website -- and patch any security holes they find -- the tram service's payment gateway appears to be online and operational.

TechRepublic: The FTC's cyberinsurance tips: A must-read for small business owners

ZDNet has reached out to Luas with additional queries. In the meantime, the only statement released by the company reads:

"We will update customers via Twitter and Facebook, AA Road Watch and the media should there be any change to Luas services today. We apologize to all Luas customers for the inconvenience."

Previous and related coverage