Metro Vancouver transit system confirms ransomware attack, says payment data secure

VANCOUVER — Metro Vancouver’s transit authority is confirming that it was the target of a ransomware attack on part of its information technology systems.

Ransomware is a type of malicious software that disables part of a computer system or access to data until a ransom is paid. 

TransLink CEO Kevin Desmond says in a statement that the transit authority is conducting a comprehensive forensic investigation to determine how the incident occurred and what information may have been affected.

Desmond offers assurance to customers that TransLink does not store fare payment data and uses a secure third-party payment processor for all fare transactions, so TransLink doesn’t have access to that information. 

He says the transit authority took immediate steps to isolate and shut down key software and systems to contain the threat upon detection and is now working to resume normal operations. 

Customers can once again use credit and debit cards at Compass vending machines and tap-to-pay fare gates, features that were put on hold for several days. 

Customers who recently purchased monthly passes or stored value will soon see the credit loaded on their Compass Card, the statement says.

It says all transit services continue to operate regularly and no transit safety systems are affected.

“We are sharing as much as we can at this point considering this is an active investigation,” Desmond says in the statement. 

“We will provide further updates as more information becomes available.”

This report by The Canadian Press was first published Dec. 3, 2020. 

The Canadian Press