BART Web site was hacked, Sunday, by Anonymous, a group of international hackers, who leaked passenger information from the site.
The user information was published on another website, including 2,001 names of users, as well as their passwords. Moreover, most of their addresses and phone numbers were also released. It is said that the agency uses those information to notify riders of contests, discounts and events.
The action would "directly affect those customers who depend upon our site, as well as the developers who use BART's open data services to serve BART customers." BART said.
The cyber attack happened after Anonymous vowed it would avenge BART, which shot down the cell phone service to prevent a protest in downtown San Francisco on Thursday afternoon.
"We are Anonymous, we are your citizens, we are the people, we do not tolerate oppression from any government agency," the hackers wrote on Internet. "BART has proved multiple times that they have no problem exploiting and abusing the people."
After the cyber attack, Anonymous did not forget to ridicule BART for losing attention of their Web's security.
BART "stored their members' information with virtually no security," the hackers wrote. "Any 8-year-old with an internet connection could have done what we did to find it. On top of that, none of the info, including the passwords, was encrypted."
BART admitted that the site's security, which is operated by an outside vendor, had been breached before. However, the site is separate from the computer network used to operate the transit system.
"We regret the inconvenience and stress that it's created for customers. We're disappointed that they would do this," said Jim Allison, an agency spokesman. According to Allison, myBART.org is "meant to be a service to our customers. We're doing everything we can to protect BART.gov, which is used by nearly 2 million people a month as an important tool."
BART shut down cell phone service between 4 and 7 p.m. last Thursday to avoid a demonstration but it stirred a lot of criticism by civil libertarians. BART had issued a statement on Friday to explain the cell phone disruption, saying that it's "one of many tactics to ensure the safety of everyone on the platform."
The demonstration was for Charles Blair Hill, a homeless, who was shot to death on July 3 on the Civic Center station platform, after he threw a bottle at police and then approached a BART officer and displayed a weapon.
However, Anonymous has called for a 5 p.m. protest of BART at Civic Center Station. BART also announced on its site www. bart.gov to ensure the riders know their alternative transportation plans in advance. If there's protest, BART might " close some stations temporarily or make other service adjustments on short notice."
"We're going to take steps to make sure our customers are safe," Allison said. "The interruption of cell phone service was done Thursday to prevent what could have been a dangerous situation. It's one of the tactics we have at our disposal. We may use it; we may not. And I'm not sure we would necessarily let anyone know in advance either way."
According to Allison, the agency will notify the people whose information has been released.
One woman, whose personal information was released Sunday, said she was angry, not at BART but at the hackers.
"I'm not upset at BART for shutting the cell service," the woman, the name unknown, said, "I'm upset at whoever is hacking this and publishing the information. They are making themselves look bad and they are disrupting BART service. They're making people unsafe."