SEPTA is pointing to a malware attack on its servers for why it hasn’t been able to share important travel information with customers since Monday morning.
The authority began investigating technical issues over the weekend, later bringing in the FBI and outside information technology experts for help. SEPTA shut down real-time data like its “Next-to-Arrive” feature Monday to mitigate problems, and also halted employee email as well as access to payroll and remote timekeeping. An investigation is ongoing, according to SEPTA.
SEPTA Key card information hasn’t been compromised, said Bill Zebrowski, SEPTA’s chief information officer. He said SEPTA wasn’t the only organization affected, but didn’t provide further details.
“To our customers, we really apologize for the inconvenience and the temporary loss of real-time services on our app,” Zebrowski said. “We are doing our best. We are working around the clock to restore those operations, but we have to be confident that once we restore those, that we don’t have to shut them down again.”
It was unclear when SEPTA will be able to get real-time information back to customers. The malware attack has not affected service or caused disruptions.
Riders noted problems Monday morning and sought answers from SEPTA’s social media account on why they weren’t able to load real-time data, leaving them guessing as to when to expect vehicles. Frustrations continued into Tuesday.
SEPTA advised customers to consult printed schedules or station personnel until it is able to restore information. Ridership aboard SEPTA is picking up steam since the pandemic shutdown, with about 30% to 35% of customers returning on transit and 10% to 15% on Regional Rail as of last month.
Last year, cyber theft prompted SEPTA to shutter an online store that sold tickets and merchandise. Hundreds of customers were likely victimized.