The Southeastern Pennsylvania Transportation Authority [SEPTA] is recovering from a reported cyberattack that resulted in the Philadelphia-area transit agency shutting down its real-time bus and rail information for two weeks, exasperating customers returning to the service’s lines after a pandemic-induced slump.
The incident, which was reported Aug. 10, involved an unnamed form of malware that infected SEPTA’s networks, including systems that advise riders when the next train or bus is arriving. While the authority advised its riders to consult printed schedules or station personnel, the loss of live updates prompted numerous Philadelphia residents to take their complaints to SEPTA’s social media accounts, after not being able to look up that information on their phones using the authority’s TransitView tool. The agency also said at the time that the attack did not expose any customer data connected to its automated fare cards.
Real-time train and bus information was finally restored Monday, SEPTA said, but the Philadelphia Inquirer reported the effects of the reported cyberattack run much deeper at the agency. According to the Inquirer, the attack also caused SEPTA employees to lose access to their email accounts, phone directories and multiple file servers, with little indication of when those systems might be restored.