A criminal group with ties to the Chinese government hacked into Metropolitan Transportation Authority (MTA) computer systems in April, according to a report from the New York Times.
Citing an MTA document that outlined the attack, the report claims the MTA was alerted by federal authorities on April 20. The transportation authority, which serves the New York City metropolitan area, was one of several agencies targeted by the group.
The Cybersecurity and Infrastructure Security Agency (CISA) recommended the MTA apply patches within 24 hours of the breach notification. Reports claim three of the MTA's 18 systems were affected and patched, but no details were given on which systems. The report says attackers did not gain access to systems that control train cars and rider safety was not at risk.
In another recent attack on a transportation provider, the Steamship Authority of Massachusetts said this week it was also a victim of a security incident. The Steamship Authority, which provides ferry service from Cape Cod to Nantucket and Martha's Vineyard, says it was hit by a ransomware attack that disrupted operations and led to delays.
In a Twitter statement, the company said customers may experience delays because of the attack.