Number of Luas customers whose data may have been hacked rises, firm says

Number of customers with data potentially compromised in cyberattack rises to 4,712

Tram operator Luas has said the number of customers whose data may have been compromised as a result of a cyberattack on its website two weeks ago has risen to 4,712.

The company said it had not been given an “exact timeframe” for the restoration of its website.

"Our technicians are working to restore the site as soon as possible," a spokeswoman told The Irish Times on Tuesday.

“The total number of customers whose data was potentially affected has been identified as 4,712.

READ MORE

“All customers who were potentially affected were contacted directly and our technicians are investigating the incident.”

Luas previously said it had identified 3,226 user records which may have been compromised as a result of “a professional attack” on January 3rd. It said no financial information had been compromised in the attack.

A message appeared on the Luas website on January 3rd saying “You are hacked” and referring to “serious security holes”.

It continued: “The next time someone talks to you, press the reply button you must pay 1 bitcoin in 5 days otherwise I will publish all data and send emails to your users.”

Bitcoin is a cryptocurrency and one bitcoin is currently worth about €3,200.

Security consultant Brian Honan said: “It is a surprise to me that the site has been down for so long. It is nearly two weeks now the site has not been fully restored.

“After suffering a cyberattack companies need to be able to restore their systems to a usable state to not only support their business, but also to restore customer faith and trust in the company’s ability to protect their data and the systems that data is on.

“While the site in this case is simply a static brochureware site with little customer interaction on it, it is still the company’s online shop front.

“Companies need to build cyber-resilience into their systems to firstly withstand any attacks and secondly to recover quickly in the event of a breach. We recommend to our clients that they integrate their cybersecurity incident response plans into their business continuity plans. We also recommend they run regular tests or exercises to ensure these plans operate as expected.”

Luas contacted the Data Protection Commissioner while An Garda Síochána and the Garda National Economic Bureau said they were aware of the incident.

Luas also said its site had a valid SSL digital security certificate.

A number of cyber security firms have said they were increasingly seeing companies’ websites being attacked by hackers.

Sarah Burns

Sarah Burns

Sarah Burns is a reporter for The Irish Times