Quote:The threat actors behind the Egregor ransomware are showing a prolificacy in their early months of activity. On the heels of targeting struggling U.S. retailer Kmart, the Egregor gang also disrupted the Vancouver metro system with a ransomware attack.
Translink, the Canadian city’s public transportation network, confirmed Thursday via a statement by its CEO Kevin Desmond on Twitter that it was “the target of a ransomware attack on some of our IT infrastructure” that “included communications to Translink through a printed message.”
The attack took place on Dec. 1 and left Vancouver residents and other users of the public transit service unable to use their Compass metro cards or pay for new tickets via the agency’s Compass ticketing kiosks, according to media reports. Translink officials avoided acknowledging the attack for two days, passing it off as a technical issue before being pressed by multiple local news agencies about what really was going on.
“Working with my colleague @pjimmyradio, we can confirm for @NEWS1130 that @TransLink has been hacked,” tweeted Martin MacMahon, a senior news reporter at local radio news station News 1130. “Our information comes from multiple sources within the transit authority, who have shared the ransom letter with us.”
Read more: https://threatpost.com/vancouver-metro-e...re/161892/
![[-]](https://www.geeks.fyi/images/collapse.png)
