Anonymous Hacks BART Website, Leaks User Info and Passwords

It's been a busy weekend for the hacking collective known as Anonymous. Their Operation Fullerton may not have panned out, but Project BARTway was a rousing success. (If you measure success in Thousands of Civilians' Personal Information Being Compromised in the Name of Free Speech.) As they had warned, Anonymous has infiltrated Bay Area Rapid Transit System on Sunday, unfurling their pirate flag logo on the homepage of myBART.com — a promotional website — and, more disconcertingly, releasing the personal information of thousands of myBART.com users.

The action was a direct response to BART's attempts to block cellphone use last Thursday, in order to prevent a gathering at a San Francisco station to protest the fatal shooting of a homeless man by a BART police officer.

From a message to all myBART members sent out on Sunday afternoon:

Several hours ago, myBART account information was compromised in connection with an illegal and unauthorized intrusion into our system. In response to this intrusion, we will temporarily shut down the myBART.org website, and have notified law enforcement authorities.

Although we are still investigating the details of this incident, we know that an unauthorized person has obtained contact information from at least 2,400 of our 55,000 members. In most cases, the information consists of names, email addresses, and passwords. In some cases, the database also listed an address and phone number. No financial information is stored in the myBART database.

Indeed, the names, addresses, phone numbers and passwords of 2,001 myBART users were published on another website, the SF Chronicle reports. On Sunday evening, the site was still down, a white screen reading only, "This site is currently under renovation." And while the main BART site, bart.gov, appeared to be unaffected by the attacks, Californiaavoid.org, an anti-DUI traffic safety site, wasn't so lucky: As of post time, it was still crawling with Guy Fawkes masks. [@anonops]