Just days after a digital attack brought down payment systems at San Francisco’s MUNI rail system, the hacker responsible for the attack has threatened to release data on MUNI’s employees and customers if his ransom is not paid.
“I hope company try to fix it correctly and we can advise them,” the hacker wrote in a message obtained by The Verge. “But if they don’t, we will publish 30G databases and documents include [sic] contracts, employees data, LLD Plans, customers.”
According to CSO, the hacker is demanding 100 bitcoin, or roughly $73,000. Notably, there have been no significant transfers to the bitcoin address provided by the hacker, which currently holds just under $17.
Reached by The Verge, MUNI confirmed the ransomware attack, but said that the attack had no impact on train service or customers’ personal information. Faregates, which had been left open for days after the hack, were back to regular operation by Monday. “The incident remains under investigation,” a representative said, “so it wouldn’t be appropriate to provide any additional details at this point.”