San Francisco Municipal Transportation Agency Hit by Ransomware

October 10, 2022


During the Thanksgiving weekend, the San Francisco Municipal Transportation Agency, sometimes called Muni or SFMTA, was the victim of a ransomware attack that affected internal computer systems including email and ticketing. It used backup data to restore most of the affected system in the next few days, minimizing the attack's impact. The hacker's goal was to extort 100 bitcoins ($73,000) from the SFMTA for the release of its systems. SFMTA denied paying the ransom and restored its systems on its own. It reportedly lost up to $50,000 in uncollected fees by the time systems recovered from the attack.

Incident Date

November 26, 2016

Estimated Cost


Type of Malware

No Malware identified

Threat Source

No threat source identified