Hackers demand ransom for stolen Metro data

ST. LOUIS — A hacking group stole confidential data from the St. Louis area’s transportation agency in a cyberattack earlier this month and is threatening to publish it if officials do not pay a ransom.

Neither transportation officials nor the hackers have specified how much data was stolen or how much money is being demanded. The hackers claim they stole information related to the regional transportation system Metro Transit, including passports, Social Security numbers and tax information.

A Metro Transit official said no customer data has been compromised, but the investigation is ongoing.

Brett Callow, an analyst with the New Zealand-based cybersecurity company Emsisoft, shared screenshots with the Post Dispatch that show the hackers threatening to publish the data if transportation officials don’t pay up. The screenshots were published on an unregulated part of the internet called the dark web, which is often used by hackers to publish ransom threats.

The same hacking group hit several other public agencies over the past year, including the City of Oakland and the San Bernardino Sheriff’s Office in California, and government agencies in the United Kingdom and Germany, security analysts say. The San Bernardino Sheriff’s Office paid the group a $1.1 million ransom.

Metro Transit, the regional transit system operated by Bi-State Development, was first hit by the cyberattack on Oct. 2. Phone and computer services for its paratransit service named Call-A-Ride were still disrupted as late as last week.

The agency took its computer systems offline after the attack, and it has since restored transit operations and secured its financial and payroll systems, said Bi-State President and CEO Taulby Roach.

Roach confirmed the attack included a ransom demand, but he said the agency is still trying to determine if…