The MTA’s Computer Systems Breached By Chinese Cybercriminals

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

New York City’s Metropolitan Transportation Authority (MTA), which runs the city’s bus and subway systems, has disclosed on Wednesday it had its systems hacked in April 2021.

The Metropolitan Transportation Authority (MTA) is a public benefit organization that is in charge of public transportation in the New York City metropolitan area of the U.S. state of New York.

The MTA is the largest public transit authority in the United States, carrying over 11 million passengers on an average weekday systemwide, and over 850,000 vehicles on its seven toll bridges and two tunnels per weekday.

The threat actors, believed to have connections to the Chinese Government, penetrated the MTA network employing flaws in Pulse Connect Secure, a commercial VPN solution that provides employees remote access to their company’s network.

As stated by Rafail Portnoy, MTA’s Chief Technology Officer, the cybercriminals did not obtain access to systems that control train cars and rider safety was not at risk, adding that the intrusion seemed to have done little damage. No access to staff or customer-sensitive data was acquired during the hack.

The MTA quickly and aggressively responded to this attack, bringing on Mandiant, a leading cybersecurity firm, whose forensic audit found no evidence operational systems were impacted, no employee or customer information breached, no data loss, and no changes to our vital systems.


MTA officials stated the attack occurred at around 8 p.m. on April 20. It said the Cybersecurity and Infrastructure Security Agency, National Security Agency, and FBI informed MTA of the breach.

By the next morning, MTA declared it had executed the required security patches, recommended by CISA, to fix the flaw.

Importantly, the MTA’s existing multi-layered security systems worked as designed, preventing the spread of the attack and we continue to strengthen these comprehensive systems and remain vigilant as cyber-attacks are a growing global threat.


According to a cybersecurity company that collaborates with the federal government, the attack on the MTA did not involve financial requests and instead seems to be part of a recent series of global intrusions by…