Ransomware hackers who breached the network of MTA timeclock provider Kronos made off with the personal information of several current and former Metro-North employees, transit leadership said Thursday.
“Kronos recently informed us that some files containing personal information of some current and former MTA employees at one of our agencies – Metro-North Railroad – were accessed by the perpetrators of this ransomware incident,” MTA Chief Administrative Officer Lisette Camilo said in an email to the authority’s approximately 70,000 employees.
“The information accessed did not include Social Security numbers, driver’s license numbers, bank or other financial institution account numbers, or biometric information,” Camilo’s email said. “At this time, Kronos has no evidence that the personal information of any other MTA employees was accessed.”
The MTA has arranged with Kronos and its parent company to offer all current and former employees two years of free credit monitoring and identity theft protection, the email said.
The MTA is offering all current and former employees two years of free credit monitoring and identity theft protection in the wake of the stolen information.
The back-end of the MTA’s high-end timekeeping system went dark Dec. 13 after Kronos experienced the ransomware attack over the previous weekend.
