{"id":249553,"date":"2026-04-03T04:15:20","date_gmt":"2026-04-03T04:15:20","guid":{"rendered":"https:\/\/www.newsbeep.com\/us-ca\/249553\/"},"modified":"2026-04-03T04:15:20","modified_gmt":"2026-04-03T04:15:20","slug":"l-a-metro-confirms-it-was-hacked-is-getting-systems-back-online","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/us-ca\/249553\/","title":{"rendered":"L.A. Metro confirms it was hacked, is getting systems back online"},"content":{"rendered":"\n<p>L.A. Metro shut down parts of its network after its security team detected hacking activity last month, and law enforcement and cybersecurity specialists are continuing to investigate who was behind the attack, authorities said.<\/p>\n<p>\u201cOn Monday, March 16, Metro proactively limited employee access to many internal administrative computer systems after the agency\u2019s security team discovered unauthorized activity,\u201d an agency spokesperson said. \u201cThroughout this time Metro\u2019s essential rail and bus service has continued to run uninterrupted, as have our vital transit safety and security systems.\u201d<\/p>\n<p>Metro board member Fernando Dutra said the agency had been working through a painstaking process to bring systems back online, an effort that  continues. That includes reviewing about 1,400 servers individually to ensure they are secure before restoring access and bringing systems back online, he said.<\/p>\n<p>\u201cWhen you think in terms of how big we are \u2014 we\u2019re a beast,\u201d Dutra said. \u201cAnd so before we can turn the water spigot back on, we have to go through and check each one of these servers to make sure it\u2019s clean. So that\u2019s the reason it\u2019s taking a little bit longer.\u201d<\/p>\n<p>The full scope and origin of the attack remain unclear, and Dutra emphasized that the investigation was continuing. He said officials did not yet know who was behind the breach or what data, if any, might have been targeted.<\/p>\n<p>\u201cWhat is amazing [to] us [is] that we were able to maintain all of our bus and train services throughout this entire process,\u201d he said.<\/p>\n<p>Metro is not the only regional public agency to have its computer systems targeted in a cyberattack. <\/p>\n<p>The Los Angeles County Superior Court was <a class=\"link\" href=\"https:\/\/www.fbi.gov\/how-we-can-help-you\/scams-and-safety\/common-scams-and-crimes\/ransomware\" target=\"_blank\" rel=\"nofollow noopener\">hit by a ransomware attack<\/a> in 2024 that infected its computer system with damaging software, <a class=\"link\" href=\"https:\/\/www.latimes.com\/california\/story\/2024-07-22\/la-county-court-ransomware\" rel=\"nofollow noopener\" target=\"_blank\">forcing it to shut down for two days<\/a>. <\/p>\n<p>A year earlier, <a class=\"link\" href=\"https:\/\/www.latimes.com\/california\/story\/2023-06-29\/ucla-confirms-it-was-hit-by-ransomware-attack-feds-offer-10-million-reward\" rel=\"nofollow noopener\" target=\"_blank\">UCLA was the victim of a cyberattack<\/a>, and San Bernardino County <a class=\"link\" href=\"https:\/\/www.latimes.com\/california\/story\/2023-05-06\/hackers-targeted-a-california-sheriffs-department-should-they-have-paid-the-ransom\" rel=\"nofollow noopener\" target=\"_blank\">paid a $1.1-million ransom<\/a> after the Sheriff\u2019s Department was hacked. The Los Angeles Unified School District\u2019s network was breached in 2022, when about 2,000 student records, some of which included Social Security numbers, were <a class=\"link\" href=\"https:\/\/www.latimes.com\/california\/story\/2023-02-22\/lausd-cyber-attack-includes-at-least-2-000-student-records\" rel=\"nofollow noopener\" target=\"_blank\">posted on the dark web<\/a> after the district refused to pay ransom to hackers.<\/p>\n","protected":false},"excerpt":{"rendered":"L.A. Metro shut down parts of its network after its security team detected hacking activity last month, and&hellip;\n","protected":false},"author":2,"featured_media":249554,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[4742,1794,37904,41281,46880,111215,111217,35385,48,52,51,47,50,49,2959,5848,77576,111214,111216,2637,11936],"class_list":{"0":"post-249553","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-los-angeles","8":"tag-agency","9":"tag-attack","10":"tag-bus-service","11":"tag-cyberattack","12":"tag-dutra","13":"tag-employee-access","14":"tag-essential-rail","15":"tag-l-a-metro","16":"tag-la","17":"tag-la-headlines","18":"tag-la-news","19":"tag-los-angeles","20":"tag-los-angeles-headlines","21":"tag-los-angeles-news","22":"tag-march","23":"tag-network","24":"tag-ransom","25":"tag-security-team","26":"tag-server","27":"tag-sheriff","28":"tag-system"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/posts\/249553","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/comments?post=249553"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/posts\/249553\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/media\/249554"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/media?parent=249553"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/categories?post=249553"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/us-ca\/wp-json\/wp\/v2\/tags?post=249553"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}