San Francisco’s Bay Area Rapid Transit (BART) is investigating an alleged ransomware attack after the Vice Society ransomware gang claimed to have attacked the agency.
BART – the fifth-busiest heavy rail rapid transit system in the United States – was listed on the group’s leak site on Friday. Alicia Trost, chief communications officer for BART, told The Record that they are investigating the data that was stolen and posted by the group.
“To be clear, no BART services or internal business systems have been impacted,” she said. “As with other government agencies, we are taking all necessary precautions to respond.”
Homeland Security Secretary Alejandro Mayorkas announced new cybersecurity regulations last year for U.S. railroad operators, requiring them to disclose any hacks, create cyberattack recovery programs and name a chief cyber official. Those regulations expired in December.
The Vice Society ransomware gang has drawn international headlines with attacks on colleges and K-12 schools, including the second largest public school district in the U.S. and several in the United Kingdom.
The FBI, Cybersecurity and Infrastructure Security Agency (CISA) and other agencies noted in an alert in September that Vice Society has “disproportionately” attacked dozens of educational institutions over the last year and stepped up its level of attacks in the fall of 2022.