Cyber Attack on New York Transport Authority


New York Metropolitan Transport Authority, well known shortly as MTA was reportedly hit by a cyber attack in April this year and sources report that the incident was limited only to some systems and no employee or customer info was compromised.


As per the report released to the media early today, the attack took place on the MTA servers on April 20th,2021 where hackers reportedly infiltrated the computer network through an exploited zero-day vulnerability.


Prima Facie conducted on April 22nd of this year revealed that three of the systems were impacted by the incident out of a total of 18 servers belonging to the Metropolitan Transport Authority of New York. Means 5% of employee/contractor data was targeted in the incident.


Officials informed the law enforcement agencies like FBI and CISA about the incident and took appropriate measures to contain the incident on an immediate note on the recommendation provided by Cybersecurity experts from Mandiant and IBM firms.


Additionally, the company also decided to change the passwords of its 3700 employees and contractors.


On April 25th,2021 MTA Officials migrated all of their VPN operations to other private networks to cut down any cyber risks. 


Rafail Portnoy, the Chief Technology Officer of MTA addressed the incident as true and issued a hint that the hackers behind the attack could be linked to China.


Note- In March 2021, American Tech Giant Microsoft confirmed that more than 30,000 US organizations using its Exchange Servers were targeted by a Chinese hacking group dubbed as Hafnium.

Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display