Categories: SecurityWorkspace

Anonymous Targets San Francisco Rail Passengers

Hacktivist group Anonymous on Sunday published the personal information of thousands of customers of San Francisco’s Bay Area Rapid Transit (BART) rail system, obtained from the third-party website myBART.org.

The hack was in response to BART’s shutdown of mobile phone service in parts of San Francisco last Thursday during a protest aimed at police.

Protest

Anonymous published the names and passwords of more than 2,000 users of the myBART notifications service, operated by an independent vendor. The data included many addresses and phone numbers as well.

“We are Anonymous, we are your citizens, we are the people, we do not tolerate oppression from any government agency,” Anonymous said in a statement. “BART has proved multiple times that they have no problem exploiting and abusing the people.”

The data was stored with “virtually no security”, according to Anonymous.

“Any 8-year-old with an Internet connection could have done what we did to find it. On top of that, none of the info, including the passwords, was encrypted,” the hackers stated.

BART said it had disabled mobile phone service during the Thursday protest in order to protect train riders. The organisation said it would not rule out using a similar tactic to disrupt a planned protest on Monday at 5 p.m. PST at BART’s Civic Centre station.

“We’re going to take steps to make sure our customers are safe,” a BART spokesman told the San Francisco Chronicle. “The interruption of cell phone service was done Thursday to prevent what could have been a dangerous situation. It’s one of the tactics we have at our disposal. We may use it; we may not.”

A protest was planned on Thursday following the fatal shooting of a man by San Francisco police on 3 July. That protest failed to materialise, possibly in part because BART shut down mobile phone service in four stations. An earlier protest in July had disrupted BART service.

Other targets

Anonymous’ recent targets have included the FBI and other security groups.

The group dumped 90,000 passwords belonging to military personnel from consulting firm Booz Allen Hamilton, exposed sensitive information belonging to employees of agricultural chemical and biotechnology company Monsanto and stole more than 8GB of internal data from Italy’s cyber-crime police unit.

Before it disbanded, LulzSec lifted and published internal documents obtained during its attack on the Arizona Department of Public Safety, breached two websites belonging to FBI partners InfraGard Atlanta and InfraGard Connecticut, and broke into surveillance company Unveillance chief executive’s personal email account.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

OpenAI In Talks With California Over For-Profit Shift

OpenAI reportedly begins early talks with California attorney general over complex transition from nonprofit to…

3 hours ago

EU To Assess Apple’s iPad Compliance Plans

European Commission says it will review Apple's iPad compliance with DMA rules as it seeks…

3 hours ago

James Dyson Says ‘Spiteful’ Budget Will Kill Start-Ups

James Dyson delivers most high-profile criticism so far of Labour's first Budget that raises £40bn…

4 hours ago

Nvidia, Meta Ask Supreme Court To Axe Investor Lawsuits

Nvidia, Meta bring cases before US Supreme Court this month seeking tighter limits on investors'…

4 hours ago

Nvidia To Replace Intel On Dow Jones Industrial Average

Nvidia to replace Intel this week on Dow Jones Industrial Average after years of turmoil…

5 hours ago

Toyota-Backed Joby Flies ‘Air Taxi’ In Japan

Joby Aviation and Toyota Motor complete demonstration flight in Shizuoka as companies prepare to bring…

5 hours ago