The payment deadline has passed, it looks like the attackers will again be left with a nose.
Pierce Transit, a public transit company in Pierce County, Washington, has confirmed that a ransomware attack compromised some of its systems two weeks ago. According to the company, the attack occurred on February 14 and forced the organization to take temporary workarounds.
“Third-party forensic experts were brought in to thoroughly investigate the nature and extent of the incident, and law enforcement agencies were notified. It is important to note that our transit operations and passenger safety were not affected by this incident,” Pierce Transit said.
The LockBit ransomware group claimed responsibility for the attack and demanded a ransom by February 28. Representatives of Pierce Transit said that the deadline for granting the ransom had already expired. Apparently, the company did not pay the ransom to the attackers.
“All transport services are operating as usual. In the early post-incident period, temporary workarounds were introduced for some affected administrative systems. Now most of the internal operations are fully restored, ”added Pierce Transit.
The incident is still being investigated, experts are trying to understand what confidential data the hackers were able to access. LockBit said it stole internal communications, non-disclosure agreements, customer data, contracts and more.
Pierce Transit intends to take additional security measures to "reduce the likelihood of a similar problem recurring" and to keep customers and the press informed about the progress of the investigation.