Skip to content ↓ | Skip to navigation ↓

The website of Luas, the tram system operating in Ireland’s capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days.

Early morning visitors to the website were greeted with a message from the hackers, claiming that data had been stolen from operator Transdev Ireland, and would be published on the internet unless a ransom demand of one Bitcoin (approximately 3,300 Euros or US $3,800) was paid.

In the message, the hackers claim that they previously contacted the tram operator about security vulnerabilities and were aggrieved that they received no response.

The hackers were successful in getting Transdev’s attention this time, as proven by an official tweet to commuters this morning warning that they should not visit the affected website.

The defacement message itself appears to have been harmless, but the fact remains that if hackers were able to change the content displayed when web users visited the site’s homepage they could just have easily abused the domain to distribute malicious code or attempt to phish for sensitive information.

The Luas website has since been taken offline, as engineers review its security. There is no indication presently that the public transport operator has any plans to pay the extortionists any money.

And there’s also no public evidence – at this stage at least – that anything untoward has happened other than a defacement of a website.

The good news is that there has been no service impact on Luas. The only inconvenience for travellers is that they may find it trickier to look up information about when a tram leaves – rather than left waiting for a tram that never arrives.

Furthermore, the Luas website,, is an informational site which only offers travel advice and interactive maps to help the public plan their journeys. Customers buy tickets on a different site – – which does not appear to have been compromised and remains online. If true, that suggests that it is less likely that personal and financial information will have been accessed by the hackers.

Luas isn’t the only public transport system to have been impacted by cybercriminals. In late 2016, I reported on how San Francisco’s transport system, known as Muni, suffered a ransomware attack that crippled ticketing machines and forced the network to offer free rides to passengers.


Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.