Maryland’s transit network faced widespread disruption this week after a cyberattack targeted key information systems.
Critical Systems Under Attack
The Maryland Transit Administration (MTA) and the Department of Information Technology (DoIT) moved quickly to contain the damage.
The breach was detected when security teams noticed unauthorized access to MTA’s back-end systems. Within minutes, cybersecurity specialists were mobilized to isolate affected servers and block further intrusions. Emergency countermeasures were rolled out to protect customer data and stabilize transit operations.
The Maryland Department of Emergency Management (MDEM) activated the Statewide Emergency Operations Center (SEOC) early in the morning. Officials from MTA, DoIT, and MDEM, along with other state agencies, gathered to coordinate the response.
While the attack caused serious disruptions to scheduling and rider information, the good news is that most of the state’s public transit services remain operational. These include Local Bus, Metro Subway, Light Rail, MARC trains, Mobility paratransit, Call-A-Ride, and Commuter Bus services.
Protecting Against Cyber Attacks on Critical Infrastructure
Impact on Riders and Services
Despite transit vehicles continuing to run, the attack left a noticeable impact on passengers. Real-time updates on bus and train movements stopped working in many areas. Riders reported blank screens or slow updates when trying to check arrival times.
MTA’s call centers, normally a lifeline for riders seeking updates, also experienced interruptions. This left many commuters confused and searching for alternatives to get accurate information.
The most serious impact was felt by Mobility users. The digital booking system for the paratransit service became inoperative. Customers could not make new reservations or change existing trips. Fortunately, rides already scheduled will still be honored. However, for frequent riders who depend on the service for daily travel and medical appointments, this breakdown caused high levels of concern.
Officials quickly advised Mobility users to turn to the Call-A-Ride program for non-urgent trips. Reservations for this service can still be made through the official website or by phone. Those with immediate medical needs were urged to contact healthcare providers or dial 911 in case of emergencies.
In the meantime, MTA encouraged commuters to rely on static schedules in PDF form and printed timetables, all available on the official MTA website. These resources will guide riders until real-time digital systems are restored.
Taiwan’s web infrastructure hacked through customized open-source tools by UAT-7237
Security Response and Public Assurance
Authorities emphasized that the attack did not extend to physical systems controlling train operations or safety equipment. This means passengers and employees were never placed at risk of physical harm.
A DoIT spokesperson confirmed that transit safety remained intact at all times. “At no point was the safety of riders or workers compromised,” the official said.
MTA reassured customers that protecting data and restoring normal service were the agency’s top priorities. To speed recovery, they brought in leading third-party cybersecurity experts. The agency is also working with state and federal law enforcement to investigate the origin of the breach.
The Maryland Department of Transportation (MDOT) leadership also stressed that no evidence suggested a compromise of train control systems or onboard passenger safety devices. The focus of the attack was on information and scheduling systems rather than physical infrastructure.
In a public statement, MTA urged commuters to stay informed through official channels. Updates are being shared regularly on the agency’s website and through its social media platforms. Riders were encouraged to sign up for text and email alerts to receive the latest service advisories directly.
The Maryland transit disruption has highlighted the challenges faced by public-sector organizations in protecting large, interconnected systems. It also underscored the importance of rapid coordination between different agencies when a crisis hits.
For now, riders across the state are adjusting to travel without digital assistance. While trains and buses remain on the move, commuters are depending on traditional timetables, call-in services, and official notices to navigate their journeys.
