BART ready for renewed protests after cyber attack

Aug 15, 2011 By PAUL ELIAS and JOHN S. MARSHALL , Associated Press
This screen shot taken from californiaavoaid.org, an organization sponsored by Bay Area Rapid Transit (BART), shows a page from the website after it and other BART-related sites were hacked by the hacker's group Anonymous on Sunday, Aug. 14, 2011. BART district officials said they were attempting Sunday to shut down the hacker's group website that lists the names of thousands of San Francisco Bay area residents who are email subscribers of myBART.org, a legitimate BART website. (AP Photo/californiaavoaid.org)

(AP) -- San Francisco's mass transit system prepared for renewed protests Monday, a day after hackers angry over blocked cell phone service at some transit stations broke into a website and posted company contact information for more than 2,000 customers.

The action by a known as Anonymous was the latest showdown between anarchists angry at perceived attempts to limit free speech and officials trying to control protests that grow out of and have the potential to become violent.

Anonymous posted people's names, phone numbers, and street and email addresses on its own website, while also calling for a disruption of the Bay Area Rapid Transit's evening commute Monday.

BART officials said Sunday that they were working a strategy to try to block any efforts by protesters to try to disrupt the service.

"We have been planning for the protests that are said to be shaping up for tomorrow," BART spokesman Jim Allison said. He did not provide specifics, but said BART police will be staffing stations and trains and that the agency had already contacted San Francisco police.

The transit agency disabled the website, myBART.org, Sunday night after it also had been altered by apparent hackers who posted images of the so-called Guy Fawkes masks that anarchists have previously worn when showing up to physical protests.

The came in response to the BART's decision to block wireless service in several of its San Francisco stations Thursday night as the agency aimed to thwart a planned protest over a transit police shooting. Officials said the protest had been designed to disrupt the evening commute.

Computer experts said the hackers appeared to exploit an obvious hole in the site's security. BART pays another company to operate the website that offers subscribers discounted tickets and keeps them apprised of events planned by the transit agency.

"I don't think Anonymous worked very hard," said Josh Shaul, of Application Security Inc., a New York-based data base security company. "This appears to be a low-tech attack. It's really very trivial to find these vulnerabilities."

A BART spokesman didn't immediately return an email message Monday morning.

"We are Anonymous, we are your citizens, we are the people, we do not tolerate oppression from any government agency," the hackers wrote on their own website. "BART has proved multiple times that they have no problem exploiting and abusing the people."

Allison described myBART.org as a "satellite site" used for marketing purposes. It's operated by an outside company and sends BART alerts and other information to customers, Allison said.

The names and contact info published by Sunday came from a database of 55,000 subscribers, he said. He did not know if the group had obtained information from all the subscribers, he said, adding that no bank account or credit card information was listed.

The BART computer problem was the latest hack the loosely organized group claimed credit for this year. Last month, the FBI and British and Dutch officials made 21 arrests, many of them related to the group's attacks on Internet payment provider PayPal Inc., which has been targeted over its refusal to process donations to WikiLeaks. The group also claims credit for disrupting the websites of Visa and MasterCard in December when the credit card companies stopped processing donations to WikiLeaks and its founder, Julian Assange.

BART's decision to shut down wireless access was criticized by many as heavy handed, and some raised questions about whether the move violated free speech.

The problems began Thursday night when BART officials blocked wireless access to disrupt organization of a demonstration protesting the July 3 shooting death by BART police who said the 45-year-old victim was wielding a knife.

Activists also remain upset by the 2009 death of Oscar Grant, an unarmed black passenger who was shot by a white officer on an Oakland train platform. The officer quit the force and was convicted of involuntary manslaughter after the shooting.

Facing backlash from civil rights advocates and one of its own board members, BART has defended the decision to block cell phone use, with Allison saying the cell phone disruptions were legal because the agency owns the property and infrastructure.

"I'm just shocked that they didn't think about the implications of this. We really don't have the right to be this type of censor," Lynette Sweet, who serves on BART's board of directors, said previously. "In my opinion, we've let the actions of a few people affect everybody. And that's not fair."

Laura Eichman was among those whose email and home phone number were published by the hackers Sunday.

"I think what they (the hackers) did was illegal and wrong. I work in IT myself, and I think that this was not ethical hacking. I think this was completely unjustified," Eichman said.

She said she doesn't blame BART and feels its action earlier in the week of blocking was reasonable.

"It doesn't necessarily keep me from taking BART in the future but I will certainly have to review where I set up accounts and what kind of data I'm going to keep online," Eichman said.

Michael Beekman of San Francisco told the AP that he didn't approve of BART's move to cut service or the Anonymous posting.

"I'm not paranoid but i feel like it was an invasion of privacy," he said. "I thought I would never personally be involved in any of their (Anonymous') shenanigans."

The group Anonymous, according to its website, does "not tolerate oppression from any government agency," and it said it was releasing the User Info Database of MyBart.gov as one of many actions to come.

"We apologize to any citizen that has his information published, but you should go to BART and ask them why your information wasn't secure with them," the statement said.

Explore further: Fitbit to Schumer: We don't sell personal data

2.5 /5 (4 votes)
add to favorites email to friend print save as pdf

Related Stories

Hackers protest BART decision to block cellphones

Aug 15, 2011

(AP) -- Hackers broke into a website for San Francisco's mass transit system Sunday and posted contact information for more than 2,000 customers, the latest showdown between anarchists angry at perceived ...

Dutch police investigate apparent hacker attack

Dec 10, 2010

(AP) -- Police said Friday they are investigating if hackers were responsible for taking down websites of police and prosecutors in the Netherlands after the arrest of a 16-year-old for involvement in a cyberattack on several ...

Hacker group declares cyber war on US police

Aug 07, 2011

A hacker group on Saturday claimed it has "defaced and destroyed" websites at scores of US police agencies in retaliation for the arrest of suspected peers accused of hacking into the CIA, British crime agency SOCA, and ...

Recommended for you

Fitbit to Schumer: We don't sell personal data

2 hours ago

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

7 hours ago

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

How much do we really know about privacy on Facebook?

8 hours ago

The recent furore about the Facebook Messenger app has unearthed an interesting question: how far are we willing to allow our privacy to be pushed for our social connections? In the case of the Facebook ...

Philippines makes arrests in online extortion ring

8 hours ago

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

Google to help boost Greece's tourism industry

21 hours ago

Internet giant Google will offer management courses to 3,000 tourism businesses on the island of Crete as part of an initiative to promote the sector in Greece, industry union Sete said on Thursday.

Music site SoundCloud to start paying artists

Aug 21, 2014

SoundCloud said Thursday that it will start paying artists and record companies whose music is played on the popular streaming site, a move that will bring it in line with competitors such as YouTube and Spotify.

User comments : 0