Ransomware victim disclosure
← All victimsBay Area Rapid Transit
Claimed by Vicesociety · listed 4 years ago
Status timeline
- ListedJan 6, 2023
- Data leakeddate unknown
At a glance
- Group
- Vicesociety
- Status
- Data leaked
- Country
- United States
- Listed on leak site
- Jan 6, 2023
About the victim
AI dossier — public-source company profileBay Area Rapid Transit (BART) is a heavy-rail public transit agency serving the San Francisco Bay Area, operating 131 miles of track across 50 stations in five counties. It connects the San Francisco Peninsula with East Bay and South Bay communities, carrying approximately 405,000 trips on an average weekday. BART is a government-run regional transit district operating under public authority.
- Industry
- Public Heavy-Rail Transit
- Address
- 300 Lakeside Drive, Oakland, CA 94612
- Employees
- 3500
- Founded
- 1957
Attack summary
Severity: critical — BART is a critical public infrastructure operator serving hundreds of thousands of daily riders; Vice Society is known for publishing stolen data, and the disclosed status is data_published, indicating confirmed exfiltration from a government/public-sector critical infrastructure entity likely containing employee PII, operational data, and potentially sensitive security or financial records.Vice Society claims to have exfiltrated data from BART's systems, with the disclosure status listed as data_published, indicating stolen data has been released. No ransom amount was stated and no specific data volume was disclosed in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Internal BART documents
- Employee records
- Operational data
- Financial records
- Potentially personally identifiable information
What the group claims
The San Francisco Bay Area Rapid Transit District is a heavy-rail public transit system that connects the San Francisco Peninsula with communities in the East Bay and South Bay. BART operates in five counties with 131 miles of track and 50 stations, carrying approximately 405,000 trips on an average weekday.
Sources
- Victim sitebart.gov/
Source
Indexed 4 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

