Malicious hackers on Thursday defaced the website for Luas, a public tram system based in Dublin Ireland, posting a ransom demand that threatened to publish data they claim to have stolen from the transport service.
The Ireland-based division of Transdev, the transportation company that runs Luas, took its site offline in response to the incident. The company also publicly disclosed that the website compromise may have affected the data records of 3,226 people who had signed up for the Luas newsletter, the Irish Examiner reported.
"You are hacked. Some time ago I wrote that you have serious security holes. You didn't reply," the ransom note reportedly stated. "The next time someone talks to you, press the reply button. You must pay 1 Bitcoin in 5 days. Otherwise I will publish all data and send emails to your users," the message continued, providing a Bitcoin wallet address to receive the funds. (SC Media has edited the ransom note for clarity.)
"The Luas website was compromised this morning, and a malicious message was put on the home page," Luas' operators posted on the tram service's Twitter page. "The website has been taken down by the IT company who manage[s] it, and their technicians are working on it... this may take the day to resolve."
An earlier tweet from Luas officials requested that individuals not visit the tram service's official website, Luas.ie, due to the ongoing situation. As of 5:15 ET, the website stated: "The Luas website is undergoing restoration following a cyberattack."