The Metropolitan Transportation Authority in New York had its computer systems hacked by a group with possible links to the Chinese government back in April, according to a document obtained by the New York Times.
The breach didn’t do much damage, according to officials, as the hackers didn’t gain access to trains or put any passengers at risk, however, the document shows that hackers could’ve had access to such operational systems.
Transit officials say that the cyberattack was the most significant against the MTA that’s believed to have international connections. While the attack didn’t involve “financial demands,” The NYT reports that it is likely part of several other breaches backed by China. The hackers did not take any employee or customer info, which the MTA found after a forensic audit of the attack, which IBM and Mandiant conducted.
“The MTA’s existing multilayered security systems worked as designed, preventing spread of the attack,” said MTA chief technology officer Rafail Portnoy. “We continue to strengthen these comprehensive systems and remain vigilant as cyberattacks are a growing global threat.”
A study conducted by the Mineta Transportation Institute found that only 60% of transportation agencies surveyed had a cybersecurity plan in place despite 80% saying they felt they were prepared to manage such threats.
“A lot of agencies don’t have chief security officers, much less cybersecurity officers,” said study leader Scott Belcher.
The Department of Homeland Security reportedly declined to comment for the NYT story.