http://www.digitaljournal.com/article/310370

Hacker group Anonymous attacks San Francisco's transit system

Posted Aug 15, 2011 by Kim I. Hartman
San Francisco's Bay Area Rapid Transit system was the target of an attack by hackers from Anonymous on Sunday which resulted in the shutdown of the BART site after contact info for more then 2,400 customers was published online by the hackivists group.
Anonymous protesting against Scientology in 2008
Steve Garfield
Anonymous protesting against Scientology in 2008
The action by Anonymous targeted BART in response to the decision by officials with the transit system to block cellphone service last Thursday to prevent people participating in a mass protest of a recent fatal police shooting from organizing and updating protesters involved in the civil discourse.
Anonymous countered BART's decision on Sunday by hacking the government website and posting the names, phone numbers, addresses and email contact information for thousands of BART customers online along with a message that read:
We are Anonymous, we are your citizens, we are the people, We do not tolerate oppression from any government agency. BART has proved multiple times that they have no problem exploiting and abusing the people. First they displayed this by the two recent killings by BART police. Under no circumstance, unless police are shot at, make police killings acceptable. Non-lethal weapons were available to use during both incidents, providing even that was necessary, but instead they shot to kill.
Next they violated the people's right to assembly and prevented other bystanders from using emergency services by blocking cell phone signals in order to stop a protest against the BART police murders.
Lastly, they set up this website called mybart.go and they stored their members information with virtually no security. The data was stored and easily obtainable via basic sqli. Any 8 year old with a Internet connection could have done what we did to find it. On top of that none of the info, including the passwords, was encrypted. It is obvious BART does no give a fuck about its customers, funders and tax payers, the people.
BART confirmed the cyber-attack after temporarily shutting down the mybart.org website and said, "Although we are still investigating the details of this incident, we know that an unauthorized person has obtained contact information from at least 2,400 of our 55,000 members. In most cases, the information consists of names, email addresses, and passwords. In some cases, the database also listed an address and phone number. No financial information is stored in the myBART database."
BART encouraged customers to protect themselves against identity theft or other financial loss by obtaining a copy of their account statement and credit reports to review them for inconsistencies or exploitation by the hackers or anyone else that might try to take advantage of the breach of the system and the subsequent release of the personal data.
Official with BART said they are bracing themselves for more attacks by Anonymous and have issued a passenger alert to notify commuters of as a planned protest scheduled for today to disrupt the transit system during the afternoon commute.
Anonymous was most recently in the news for threatening to bring down the Facebook site on Nov. 5 in response to the alleged sale of customer information to foreign governments and security agencies and for hacking the Twitter account of Norway murderer Anders Behring Breivik. The Anonymous group has stepped up their hacking exploits over the last few weeks following the arrest of the group's spokesman Topiary by London's Metropolitan Police.
The recent statement released by Anonymous called for world-wide solidarity among hackers "to make 2011 the year of leaks and revolutions."