Originally reported on by the New York Times, the Metropolitan Transportation Authority (MTA) was breached by suspected Chinese threat actors. The attack was the result of the threat actor breaching MTA’s Virtual Private Network and gaining access to at least three of the MTA’s 18 databases. The cyberattack did not compromise the personal information of any employees or customers, but may have impacted some contractors, said MTA officials. Since the attack was reported MTA has reviewed their security systems and the incident and confirmed that the threat actors did not gain access to any of the systems that control the subway system, buses, bridges, or railroads.
Officials from MTA state that their multi-layered security systems worked as designed and prevented the attackers from gaining access to critical systems. The MTA has also instructed 3,700 employees and contractors to change their passwords as a precaution. Attacks from state-sponsored threat actors can happen in various ways and for various reasons. Utilizing monitoring such as Binary Defenses managed Detection and Response can help identify attacks quickly and limit their damage to companies.