A cyberattack on Oahu’s public transportation system resulting in a “massive” shutdown of online servers could be a ransomware
attack.
The Honolulu Department of Transportation Services on Thursday reported the cyberattack that disabled Oahu Transit Services servers, which caused a “mass disabling of online servers to both administrative and operating access related to TheBus and TheHandi-Van.”
The attack took place at 1 a.m., according to Roger Morton, director of DTS, during a news conference Thursday.
“Apparently, multiple servers at the Oahu Transit Services administrative offices stopped operating and were shut down,” Morton said. “There were attempts to log in and to correct it, and those were unsuccessful. Technical support people came in … and they found that they couldn’t restart the servers.”
The Federal Bureau of Investigation, the Secret Service and
Honolulu Police Department are investigating the attack, which “has the trappings” of being a
ransomware attack, according to DTS.
“We do not have any specific demand for money … but it has the trappings of a ransom demand. That’s certainly a possibility,” Morton said.
HPD said it is working with the other law enforcement agencies, but did not release any additional information about the attack.
DTS reported that no rider information has been compromised, as the servers for OTS, which is a private contractor that operates TheBus and
TheHandi-Van, are separate from Honolulu city servers.
“HOLO card information and operations are housed within City servers, which to our knowledge, are not affected at this time. The City has taken steps to minimize any possible breach of personal and financial information from the HOLO card servers. Additionally, OTS has disabled all connections to outside networks, including
basic internet connectivity. Our investigation, involving law enforcement, is ongoing; we will provide more information as it becomes available,” Travis Ota, a spokesman for DTS, said in an email.
Ota later said that it appears that just the functionality of OTS servers has been affected and that no information has been compromised.
According to the HOLO card website, users may provide their name and email address to register the card and may also provide bank or credit card information, depending on how they purchase and reload their HOLO card, which serves as a debit card to ride public transportation.
The City and County of Honolulu and DTS on Thursday temporarily shut down HOLO card and HOLO operations, including online services and call centers for the HOLO card, after the
cyberattack. Some retail locations distributing HOLO cards were reportedly unable to access HOLO card accounts, distribute or load and reload cards, according to the DTS.
TheBus website, as of Thursday evening, could not be
accessed.
TheBus continued operating “with little to no delay in service,” DTS said in a news release. Drivers for TheBus were told to let riders on board if they have a HOLO card, and riders should still tap the card reader. Cash payments are also still being
accepted.
The cyberattack so far has primarily affected the reservations for riders who use TheHandi-Van.
Access to online reservations for TheHandi-Van were disabled, so riders on Thursday had to call a reservation hotline at 808-456-5555 to reserve rides again. The reservation center will open at 5 a.m. today to make reservations for after
9 a.m.
Morton said the manual setup, which was used in the 1970s, worked “remarkably well” on Thursday, and that all callers who wanted to set up a reservation with TheHandi-Van have been accommodated. The city staged vehicles throughout Oahu so they could be dispatched to waiting customers.
Morton said there is no timeline for when OTS servers will be restored to operation.
———
Star-Advertiser staff contributed
to this story.
