TTC hit by ransomware attack, multiple services and systems down

Oct 30 2021, 4:41 pm

The Toronto Transit Commission (TTC) is investigating a ransomware attack that took down several systems and services on Friday afternoon.

TTC spokesperson Stuart Green said IT staff were first alerted to “unusual network activity” on Thursday evening.

The impact of the attack was initially “minimal,” but around midday Friday, the hackers “broadened their strike on network servers.”

The attack knocked down the TTC’s Vision System, which transit control uses to communicate with vehicle operators. Staff are still able to communicate via radio.

Hackers also took out the “Next Vehicle Information System” on platform screens, trip planning apps, and the TTC’s website.

Online Wheel Trans bookings are unavailable as well, as is the TTC’s internal email service.

As of Saturday morning, all the aforementioned systems and services continue to be down, Green said, noting that staff are working “safely and securely” to restore them.

He did not specify whether the hackers had requested a ransom.

“The full extent of the attack is being looked into, and the TTC is working with law enforcement and cybersecurity experts on this matter,” Green said.

“This incident did not cause significant service disruptions and here is no risk to employee or customer safety.”

As a result of the attack, the TTC has cancelled a subway closure scheduled for Saturday between St. Clair and College stations.

Zoe DemarcoZoe Demarco

+ News
+ Transportation
+ Urbanized