The Municipal Railway (MUNI) systems of San Francisco were breached on Friday afternoon and began handing out free rides to all passengers, with the gates remaining open until late Saturday.
Although the hacker who managed to break the company did not reveal his name, he left a message calling for a ransom from the San Francisco authorities to restore the service by deciphering its systems.
MUNI station displays showed the message:
“You Hacked, ALL Data Encrypted. Contact For Key(cryptom27@yandex.com)ID:681 ,Enter,” while machines printed tickets with short messages, such as “Out of Service” and “Metro Free.”
After contacting the hacker, the San Francisco authorities have confirmed that the hacker sought an agreement with MUNI to restore the metro services.
MUNI, for its part, said that transport services were not affected in any way and that the gates were deliberately open "to minimize customer impact."
"As the investigation is still ongoing, no further details will be given at this point," said MUNI spokesman Paul Rose.
The conversation between the service and the hacker continued in an email post officehey, the attacker calling himself “Andy Saolis” demanded 100 Bitcoins (or $73.000) to remove the malware.
At the moment, all the station's automatic ticket systems do not work, as MUNI staff are still trying to cope with the attack and remove the malware.