Categories: SecurityWorkspace

Anonymous Targets San Francisco Rail Passengers

Hacktivist group Anonymous on Sunday published the personal information of thousands of customers of San Francisco’s Bay Area Rapid Transit (BART) rail system, obtained from the third-party website myBART.org.

The hack was in response to BART’s shutdown of mobile phone service in parts of San Francisco last Thursday during a protest aimed at police.

Protest

Anonymous published the names and passwords of more than 2,000 users of the myBART notifications service, operated by an independent vendor. The data included many addresses and phone numbers as well.

“We are Anonymous, we are your citizens, we are the people, we do not tolerate oppression from any government agency,” Anonymous said in a statement. “BART has proved multiple times that they have no problem exploiting and abusing the people.”

The data was stored with “virtually no security”, according to Anonymous.

“Any 8-year-old with an Internet connection could have done what we did to find it. On top of that, none of the info, including the passwords, was encrypted,” the hackers stated.

BART said it had disabled mobile phone service during the Thursday protest in order to protect train riders. The organisation said it would not rule out using a similar tactic to disrupt a planned protest on Monday at 5 p.m. PST at BART’s Civic Centre station.

“We’re going to take steps to make sure our customers are safe,” a BART spokesman told the San Francisco Chronicle. “The interruption of cell phone service was done Thursday to prevent what could have been a dangerous situation. It’s one of the tactics we have at our disposal. We may use it; we may not.”

A protest was planned on Thursday following the fatal shooting of a man by San Francisco police on 3 July. That protest failed to materialise, possibly in part because BART shut down mobile phone service in four stations. An earlier protest in July had disrupted BART service.

Other targets

Anonymous’ recent targets have included the FBI and other security groups.

The group dumped 90,000 passwords belonging to military personnel from consulting firm Booz Allen Hamilton, exposed sensitive information belonging to employees of agricultural chemical and biotechnology company Monsanto and stole more than 8GB of internal data from Italy’s cyber-crime police unit.

Before it disbanded, LulzSec lifted and published internal documents obtained during its attack on the Arizona Department of Public Safety, breached two websites belonging to FBI partners InfraGard Atlanta and InfraGard Connecticut, and broke into surveillance company Unveillance chief executive’s personal email account.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

2 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

3 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

3 days ago