A suspected ransomware attack has hit Auckland Transport’s Hop card system.
“Indications are that this is a ransomware attack, however, investigations are ongoing,” an AT spokesman told the Herald.
AT believes the attack is isolated.
“Our customers across Tāmaki Makaurau can still catch buses, trains and ferries – our staff and operators are aware of the issue and will be letting people board even if they have been unable to top up their AT Hop card,” the spokesman said.
“We don’t expect this will cause disruptions for our customers when they’re travelling today or over coming days.”
On AT’s website, an alert informs commuters: “You should still tag on and off when travelling. If you are unable to top up your Hop card you will still be able to travel.”
AT said it may take until “early next week” to fully restore services.
Services affected include online top-ups, as well as other Hop card services using MyAT Hop on AT’s website, which are currently unavailable.
AT said to expect delays in payments being processed for top-ups, and that ticket and top-up machines are only accepting cash.
Transactions using Eftpos/credit cards are unavailable and machines may not be working.
AT said its customer service centres will also have limited functionality and may only be able to accept cash.
Retailers are unable to top up Hop cards or process other Hop services such as loading concessions.
The agency said it takes cyber security “extremely seriously”.
“We have activated our security protocols and are working with our expert partners to resolve the issue as quickly as possible, however, we anticipate it may take until early next week to fully restore these services,” AT said.
“We will fully investigate the incident and provide further details following the completion of that investigation.”
The Hop card system was designed, developed and implemented by the French multinational Thales Group.
The cyber attack comes ahead of a planned upgrade.
In June, AT said Auckland commuters will be able to pay for public transport with a simple swipe of a bank card or smartphone within the next year, using a debit card, credit card, Apple Pay or Google Pay.
Brett Callow, a threat analyst with NZ-based firm Emsisoft, said there were no immediate indications of which ransomware gang was behind the attack.
Callow monitors the dark web for customer or company data put on sale following ransomware attacks.
“James Babbage from the UK’s National Crime Agency recently said, ‘Ransomware is fundamentally about criminal monetisation of cyber vulnerabilities. The most effective systemic response is preventing future attacks by investing in increased resilience and better-protected systems.’ His comment is spot on, and the unfortunate reality is that many organisations are more vulnerable than they should be.
“We really haven’t done a good job addressing that problem, which is why ransomware is at record levels. Governments and industry need to work on new ways of approaching the problem - because existing approaches very clearly are not working - but, unfortunately, a quick fix is highly unlikely.”