“You Hacked, ALL Data Encrypted.”
That was part of the message displayed on computer screens at Muni stations across San Francisco on Saturday in what appears to be a computer hack targeting The City.
Along with the message, fare payment machines at Muni underground stations read, “OUT OF SERVICE” in red LED letters.
“We got hacked,” one Muni operator clad in a brown Muni uniform said at Van Ness Station on Saturday. He didn’t want to share his name for fear of workplace retaliation, but said Muni has been “hacked” since Friday afternoon.
The entire message read, “You Hacked, ALL Data Encrypted. Contact For Key(firstname.lastname@example.org)ID:681 ,Enter.”
Paul Rose, a San Francisco Municipal Transportation Agency spokesperson, said the agency was investigating but did not comment on whether Muni was hacked.
“We are currently working to resolve the situation,” Rose said. “There is an ongoing investigation and it wouldn’t be appropriate to provide additional details.”
The message is reminiscent of “ransomware,” a term for a type of email malware which can be downloaded mistakenly by an employee, though it was not confirmed this is how the message appeared.
According to a guide on ransomware from Microsoft.com, the malware may ask those locked out of their data to pay a fine before releasing the locked out data.
It was still unclear Saturday afternoon how far the apparent Muni hack has extended, or whether other San Francisco agencies were affected. Unable to charge its customers, Muni was allowing free rides on its light-rail vehicles.
Some SFMTA employees told the San Francisco Examiner that their email did not work, though it was unclear whether that was affecting all of the SFMTA’s nearly 6,000 employees.
Muni station operators told the Examiner that Muni subway fare gates were locked in an open position, and could not be electronically closed. Rose said the fare gates were intentionally opened to foster the free Muni service.