Dragonforce Ransomware Breach Compromises Oahu Transit Services Data

Incident Date:

June 15, 2024

World map

Overview

Title

Dragonforce Ransomware Breach Compromises Oahu Transit Services Data

Victim

Oahu Transit Services

Attacker

Dragonforce

Location

Honolulu, USA

Hawaii, USA

First Reported

June 15, 2024

Dragonforce Ransomware Attack on Oahu Transit Services

Overview of Oahu Transit Services

Oahu Transit Services (OTS) operates TheBus, the primary public bus system on the island of Oahu, Hawaii. With over 100 routes, TheBus connects major destinations such as Honolulu, Waikiki, Kapolei, and Pearl Harbor. OTS also manages TheHandi-Van, a paratransit service for individuals with disabilities. The organization is headquartered in Honolulu and employs a significant workforce to ensure efficient and reliable public transportation services.

Details of the Ransomware Attack

On a recent occasion, OTS fell victim to a ransomware attack orchestrated by the Dragonforce group. The attack resulted in a substantial data breach, compromising approximately 800,000 records containing sensitive personal information of customers. The leaked data includes names, addresses, phone numbers, Social Security Numbers, and other personal identifiers. Dragonforce has issued a seven-day ultimatum to OTS, threatening further harm if their demands are not met.

About Dragonforce Ransomware Group

Dragonforce is a relatively new player in the ransomware landscape, known for its aggressive tactics and dark web leak site. The group has distinguished itself by targeting organizations with significant data repositories, leveraging the threat of data exposure to coerce victims into compliance. The exact methods used by Dragonforce to penetrate OTS's systems remain unclear, but common vectors include phishing attacks, exploiting unpatched vulnerabilities, and leveraging weak security protocols.

Vulnerabilities and Impact

OTS's extensive database and critical role in public transportation make it an attractive target for ransomware groups. The organization's reliance on digital systems for route planning, scheduling, and real-time monitoring presents multiple entry points for cyber attackers. The breach not only jeopardizes the personal data of OTS's customers but also threatens the operational integrity of public transportation services on Oahu.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.