WMATA Twitter Account Hacked

The Washington Metropolitan Area Transit Authority (WMATA) has said a hacker was responsible for several obscene messages which appeared on one of its social media accounts earlier this week.

WMATA's Twitter account, which has more than 302,000 followers, was compromised in the early hours of Monday morning. At around 3:40am, the attacker changed the name of the account from 'Metro' to 'Blueface Da Bus,' then left a series of unsolicited comments, some of which contained profanities.

One of the posts left by the hacker read: "ok serious question. are we a good bus station or are we ass [sic]."

Another post read “anyone here have boobs lol,” while others discussed booties. 

The hacker then offered to share the login credentials for the account with other users, posting: "anyone want the login I'm tired." 

Shortly after Blueface began turning WMATA's Twitter account blue, the Twitter account of @Metrorailinfo was reportedly taken over by an unauthorized party. The hack came after Metrorail Info account warned its followers that the @wmata account had been hacked and they shouldn't follow it.

The @MetrorailInfo hacker posed as a disgruntled social media manager, posting: "we ain't hacked I just hate being a social media manager for a F---ING BUS TWITTER."

The transit authority told ABC7 News that it was investigating the security incident to determine who was behind the hack. 

"We are aware that Metro’s Twitter accounts @WMATA @MetrorailInfo were hacked and obscene posts were made that do not represent Metro’s organization or culture," said WMATA in a statement to ABC7 News on Monday morning.  

"The posts will be removed, and our account will be secured. We are working to understand who may be responsible for this breach."

By 6.00am on Monday, WMATA had regained control of the account and deleted the hacker's posts. The Metrorail Info was secured on Monday afternoon. 

One Twitter user, calling themselves FIXWMATA, commented on the attack: "Just a friendly reminder: perhaps think twice before entrusting your credit card information to a transit system that can't even secure their own Twitter account." 

WMATA has faced criticism recently after more than half its rolling stock was recalled over a flaw that caused a derailment.  

What’s Hot on Infosecurity Magazine?