Hacktivist group Anonymous on Sunday published the personal information of thousands of customers of San Francisco’s Bay Area Rapid Transit (BART) rail system, obtained from the third-party website myBART.org.
The hack was in response to BART’s shutdown of mobile phone service in parts of San Francisco last Thursday during a protest aimed at police.
Anonymous published the names and passwords of more than 2,000 users of the myBART notifications service, operated by an independent vendor. The data included many addresses and phone numbers as well.
“We are Anonymous, we are your citizens, we are the people, we do not tolerate oppression from any government agency,” Anonymous said in a statement. “BART has proved multiple times that they have no problem exploiting and abusing the people.”
The data was stored with “virtually no security”, according to Anonymous.
“Any 8-year-old with an Internet connection could have done what we did to find it. On top of that, none of the info, including the passwords, was encrypted,” the hackers stated.
BART said it had disabled mobile phone service during the Thursday protest in order to protect train riders. The organisation said it would not rule out using a similar tactic to disrupt a planned protest on Monday at 5 p.m. PST at BART’s Civic Centre station.
“We’re going to take steps to make sure our customers are safe,” a BART spokesman told the San Francisco Chronicle. “The interruption of cell phone service was done Thursday to prevent what could have been a dangerous situation. It’s one of the tactics we have at our disposal. We may use it; we may not.”
A protest was planned on Thursday following the fatal shooting of a man by San Francisco police on 3 July. That protest failed to materialise, possibly in part because BART shut down mobile phone service in four stations. An earlier protest in July had disrupted BART service.
Anonymous’ recent targets have included the FBI and other security groups.
The group dumped 90,000 passwords belonging to military personnel from consulting firm Booz Allen Hamilton, exposed sensitive information belonging to employees of agricultural chemical and biotechnology company Monsanto and stole more than 8GB of internal data from Italy’s cyber-crime police unit.
Before it disbanded, LulzSec lifted and published internal documents obtained during its attack on the Arizona Department of Public Safety, breached two websites belonging to FBI partners InfraGard Atlanta and InfraGard Connecticut, and broke into surveillance company Unveillance chief executive’s personal email account.
OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…
European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…
James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…
Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…
Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…
Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…