GO Transit website taken offline due to worldwide cyber threat

GO Transit’s website has been taken offline “out of an abundance of caution” due to an ongoing cyber threat that is impacting web services worldwide.

On Friday evening, transportation agency Metrolinx says it was informed by the federal government about a cyber vulnerability regarding web-based services around the globe.

“As an organization, we immediately took proactive steps and began methodically searching our systems to ensure our customers and services are secure and protected,” a statement from Metrolinx read on Friday.

“Out of an abundance of caution, we have decided to proactively take down the GO Transit website until we learn more about this vulnerability.”

Metrolinx says it does not believe any of its websites or assets were exploited or compromised.

The agency says all customer, personal, and financial data systems (including PRESTO) are secure and the safety of the transit network “remains intact.”

“So far, everything looks fine. There’s no customer information or services that have been compromised. So that’s the really good news,” Metrolinx Spokesperson Anne Marie Aikins told CP24 on Saturday.

Metrolinx did not provide a timeline as to when the website will be back online.

Customers can still plan their GO trips using Triplinx and buy e-tickets at: tickets.gotransit.com.

Customers can also call GO Transit’s customer contact centre for more information at 1-800-869-3200 and are encouraged to follow GO Transit on Twitter and to check their emails for On-The-GO-Alerts.

On Friday, the Canada Revenue Agency (CRA) also proactively took its systems offline due to the security vulnerability.

“There is currently no indication that CRA systems have been compromised, or that there has been any unauthorized access to taxpayer information because of this vulnerability,” the CRA tweeted Friday night.

Experts say the bug might be the worst computer vulnerability discovered in years.

The vulnerability was discovered in a utility that is found in cloud servers and enterprise software used across industry and government services.

The bug allows for easy access to internal networks where they can steal valuable data, plant malware and erase crucial information. 

-With files from the Associated Press.