Auckland Transport Cyberattack – A Possible Ransomware Hit?

Major companies all over the world have been targeted with all sorts of malicious attacks in the past couple of months. If it’s not a regular breach, it’s ransomware, and the list goes on. A couple of weeks ago, the victim was none other than one of the biggest meal delivery services in the US – Mom’s Meals. Now, it’s New Zealand’s own –  Auckland Transport (AT) transportation authority.

As big and reputable as the company is, such an attack can be very impactful on the company’s customers. There’s no denying that.

However, investigations are still taking place as we speak. Is it a data breach? Is it another ransomware attack? We’ve discussed everything in the following article.

AT Hit Hard – Parts of Network Offline

As we mentioned, cybercriminals seem to be hellbent on targeting companies with major statuses all over the globe.

The bigger they are, the harder they fall? Not in the cybercrime universe. In fact, when it comes to attacks, the bigger they are, the more beneficial the attack is.

When a company is reputable and has millions of customers, threat actors will definitely put it on their radar. If it’s not the target, it might be used to gain people’s trust and launch massive phishing attacks.

This was the case with various attacks in the past, such as the one that occurred with Zimbra users a month ago.

Now, our focus goes to AT (Auckland Transport) – the entity that is responsible for public transport through trains, busses, as well as ferries.

Not only that, but AT also takes care of designing and building roads and other infrastructure. If that doesn’t put a target on its back, we don’t know what would.

According to the company, it started experiencing some problems with its HOP services (integrated ticketing and fares system). AT directly indicated that there’s a cyberattack in place.

However, the company also ensured its customers that they’ll be able to travel despite everything going on at the moment:

“The issue is impacting top-ups and other HOP card services. Our staff and operators will ensure you are still able to travel, even if your HOP card is unable to be topped-up.”

The incident caused a lot of problems in some parts of AT’s systems. But it was effective enough to shut them all down.

The Affected Services:

In an update, AT stated what the impacted services are: (Friday, September 15th, 2023)

• Online top-ups, as well as other AT HOP services using MyAT HOP on our website, are currently unavailable.
• Existing auto top-ups will still work, but there will be a delay in the payment being processed.
• Ticket and top-up machines are only accepting cash payments. Transactions using Eftpos/credit cards are unavailable. Some machines may not be working.
• AT customer service centers will have limited functionality, and most are only able to accept cash payments.
• AT HOP retailers are unable to top up HOP cards or process other AT HOP services like loading concessions.

AT believes that no personal or financial data has been accessed. However, in these types of attacks, we should always remain vigilant.

If any details were exposed, they could be later used in phishing attacks and various malicious practices.

Auckland Transport – Is it Ransomware?

The company states that it takes cyber security extremely seriously and that it’s working with expert partners to resolve the issue as quickly as possible.

In its statement, AT notified its users that everything would go back to normal as early as next week. As for who’s behind it, AT said that there’s no indication that it’s a ransomware attack.

No ransomware groups have yet adopted the attack on AT’s systems, but we’ll update you as soon as we receive news.