The TTC says it has been the victim of a ransomware attack that has shut down vital communications systems across the organization.
In a press release Friday evening, the TTC said the incident didn’t cause “significant” service disruptions and “there is no risk to employee or public safety.”
However, the attack appears to have been wide-ranging and affected multiple systems.
The agency said it could provide no timeline for when the outages would be resolved.
As of Friday evening, the Vision system normally used to communicate with vehicle operators was not functioning, forcing the agency to use a backup radio system, instead.
Next vehicle information on platform screens, planning apps, and on the TTC’s website was unavailable, as were online Wheel-Trans bookings.
Even the TTC’s internal email system was offline.
The agency said it was cancelling a planned closure of a portion of the Line 1 subway scheduled for Saturday to ensure it had enough staff available to support normal service if the communication problems aren’t fixed.
“The full extent of the attack is being looked into and the TTC is working with law enforcement and cybersecurity experts on this matter,” the agency said in its press release.
Ransomware is a kind of software that hackers use to encrypt an organization’s files. They then demand the organization pay a ransom to unlock the files.
TTC spokesperson Stuart Green would not answer questions about whether the agency had received a demand for payment, and whether it intended to pay.
“Can’t comment on status of ransom demand,” he said in a text.
According to the press release, the TTC detected unusual network activity Thursday night and began investigating.
“Impact was minimal” until midday Friday, “when hackers broadened their strike on network services.”