IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

MBTA Commuter Rail Operator Confirms Cyberincident

The MBTA Commuter Rail operator was shut off after a ransomware attack targeted the transit authority.

Commuter Rail trains in Boston South Station
Commuter Rail trains in Boston South Station
Shutterstock/The Global Guy
(TNS) — The MBTA Commuter Rail's operator had to shut down some systems earlier this month to fend off a breach by hackers, the company confirmed.

"At no time were operational safety systems compromised, and there was no risk to system safety during this event," Keolis Commuter Services spokesman Justin Thompson told the Herald. "This event did not and will not impact the continued safe operation of MBTA Commuter Rail. For impacted employees, we are providing support resources, such as credit monitoring and identify theft protection."

Keolis said the "event" happened in the early morning hours of Oct. 10, and didn't affect any MBTA systems. The T owns much of the Commuter Rail infrastructure, but Keolis is under contract to handle all the operations for the commuter line trains.

Keolis, a French transportation giant, said none of its other networks were affected, and the hackers didn't access "safety critical systems."

Keolis' "advanced threat detection systems" alerted the company to the hack, causing Keolis to deactivate its entire Boston-area network within a few hours.

The company said it does not store any passenger data. Keolis said it's working with forensic experts to investigate the situation.

Keolis earlier this summer inked a four-year extension to its eight-year contract, and — despite some rumblings a year ago about a possible shakeup — will continue to operate the MBTA's Commuter Rail system through 2026. The state is currently taking steps toward dropping potentially billions of dollars into an overhaul of the system that would increase service.

©2020 the Boston Herald, Distributed by Tribune Content Agency, LLC.

Special Projects
Sponsored Articles
  • How the State of Washington teamed with Deloitte to move to a Red Hat footprint within 100 days.
  • The State of Michigan’s Department of Technology, Management, and Budget (DTMB) reduced its application delivery times to get digital services to citizens faster.

  • Sponsored
    Like many governments worldwide, the City and County of Denver, Colorado, had to act quickly to respond to the COVID-19 pandemic. To support more than 15,000 employees working from home, the government sought to adapt its new collaboration tool, Microsoft Teams. By automating provisioning and scaling tasks with Red Hat Ansible Automation Platform, an agentless, human-readable automation tool, Denver supported 514% growth in Teams use and quickly launched a virtual emergency operations center (EOC) for government leaders to respond to the pandemic.
  • Sponsored
    Microsoft Teams quickly became the business application of choice as state and local governments raced to equip remote teams and maintain business continuity during the COVID-19 lockdown. But in the rush to deploy Teams, many organizations overlook, ignore or fail to anticipate some of the administrative hurdles to successful adoption. As more organizations have matured their use of Teams, a set of lessons learned has emerged to help agencies ensure a successful Teams rollout – or correct course on existing implementations.