Honolulu Star-Advertiser

Thursday, December 12, 2024 76° Today's Paper


Top News

TheBus, Handi-Van websites remain offline following cyberattack

TheBus and TheHandi-Van websites and real-time GPS vehicle information for both remain offline today and the city suffered a second cyberattack Sunday night that disabled the Board of Water Supply’s timekeeping system.

TheBus and TheHandi-Van websites, along with real-time GPS vehicle information websites HEA for TheBus and EVA TheHandi-Van, remain offline. Mobile applications Transit and DaBus are reporting scheduled data instead, but not real-time locations, Deputy Director of the city Department of Transportation Services Jon Nouchi told the Honolulu Star-Advertiser this afternoon.

HOLO cards are not working, but riders are encouraged to show them to the driver and tap them as usual.

“OTS has restored the most critical operations networks to enable TheBus and TheHandi-Van to operate regularly. We are meticulously rebuilding and re-configuring all servers and user desktops to ensure no traces of the attack remain before bringing networks back online,” Nouchi said. “Pending reasonable security checks and acceptable security assurances on the OTS network, we will restore the HOLO card system and work towards a full restoration of all regular network services with an emphasis on security, risk, and caution. At this time, we do not believe any personal or financial information was compromised. We apologize for any inconvenience to our passengers.”

Speaking to the Star-Advertiser’s “Spotlight Hawaii” livestream this morning, Honolulu Mayor Rick Blangiardi said he was briefed this morning about a “rash” of similar cyber attacks happening nationwide.

There have been at least a half-dozen ransomware attacks and network intrusions impacting online scheduling applications for bus, train and para-transit services across the country this year including New York City, Santa Clara, and Ann Arbor Michigan.

“We had another one this morning on something else that’s come up,” said Blangiardi, on Spotlight. “We did not get any ransom demands. … We’re doing everything we possibly can (to restore and secure online operating systems).”

The Federal Bureau of Investigation, Cybersecurity and Infrastructure Security Agency, Honolulu Police Department, and the U.S. Secret Service are investigating the ransomware attack that continues to cripple Oahu Transit Service systems. The FBI is providing resources to resolve the intrusion at OTS, the agency said in a Sunday news release.

“The investigation is continuing and no additional information is being released at this time,” said HPD spokeswoman Michelle Yu today, referring to the attack on TheBus.

On Sunday night the Board of Water Supply was notified that a ransomware attack hit Kronos Private Cloud services, which includes BWS’ “Kronos Workforce” timekeeping system. The BWS immediately shut off all access to Kronos.

The parent company of Kronos, UKG, took immediate action to investigate this issue, according to a news release. At the moment, BWS customers are not affected by this incident but “out of an abundance of caution”, BWS is advising its employees to check their credit reports and be aware of any unusual or unauthorized activity, according to the news release.

It is not immediately known if HPD and the FBI are looking into the BWS cyberattack.

By participating in online discussions you acknowledge that you have agreed to the Terms of Service. An insightful discussion of ideas and viewpoints is encouraged, but comments must be civil and in good taste, with no personal attacks. If your comments are inappropriate, you may be banned from posting. Report comments if you believe they do not follow our guidelines. Having trouble with comments? Learn more here.