Maryland’s Paratransit Service Hit by Ransomware Attack

 

The Maryland Transit Administration (MTA), operator of one of the largest multi-modal transit systems in the United States, is currently investigating a ransomware attack that has disrupted its Mobility paratransit service for disabled travelers. 

While the agency’s core transit services—including Local Bus, Metro Subway, Light Rail, MARC, Call-A-Ride, and Commuter Bus—remain operational, the ransomware incident has left the MTA unable to accept new ride requests for its Mobility service, which is critical for individuals with disabilities who rely on specialized transportation. 

According to the MTA, the cybersecurity breach involved unauthorized access to certain internal systems. The agency is working closely with the Maryland Department of Information Technology to assess and mitigate the impact. Riders who had already scheduled Mobility trips prior to the attack will still receive their services as planned. However, until the issue is resolved, new bookings cannot be processed through the standard Mobility system.

In response to the disruption, the MTA is directing eligible customers to its Call-A-Ride program as an alternative. This service can be accessed online or by phone, providing a temporary solution for those in need of transportation while the Mobility system remains unavailable for new requests.

The agency has emphasized its commitment to resolving the incident quickly and securely, promising regular updates as more information becomes available. 

This incident is not isolated. Over the past two years, similar ransomware attacks have targeted paratransit and public transit services in multiple states, including Missouri and Virginia, often leaving municipalities to scramble for alternative solutions for disabled residents.

The MTA has stated that its primary focus is on ensuring the safety and security of both customers and employees. It is collaborating with government partners and media outlets to keep the public informed and to support affected communities throughout the recovery process. 

The MTA’s experience underscores the growing risk that ransomware poses to critical public infrastructure, particularly services that support vulnerable populations. As investigations continue, the agency urges customers to stay informed through official channels and to utilize available alternatives like Call-A-Ride until normal operations can resume.