This site is protected by reCAPTCHA and the Google
Terms of Service apply.
The Societe de transport de Montreal (STM) yesterday completed an internal investigation of a ransomware cyber attack that occurred Oct. 19.
Investigators found a virus retrieved data from five of the agency's 6,500 computers and 38 of its 1,000 servers.
Some low sensitivity personal information was accessed on 24 employees and 72 riders from STM's three networks, including the metro system in Montreal. The information was mostly first and last names, email addresses and phone numbers. In two cases, employees had more sensitive information stolen by the hacker.
STM was able to isolate its systems within four hours of the cyber attack and restore the 600 — out of a total of 1,600 — critical servers that were affected.
STM estimated the cost to restore the servers was CA$2 million, plus the cost of lost time. The agency is preparing to file a claim with its insurers, STM officials said in a press release.
The investigation showed that the attack was made using a sophisticated variant of the RansomExx computer virus, which included a high level of automation.