The Luas website has been taken down
The Luas website has been taken down

Dublin tram system site down after hacker demands one bitcoin in ransom

But the current bitcoin price is just over £3,000

Helen Coffey
Thursday 03 January 2019 15:17

The website for Dublin’s tram system Luas has been hacked, with the perpetrators demanding one bitcoin in ransom.

Those who visited earlier today were met with a threatening message left by the hackers demanding one bitcoin, currently worth £3,055.

“You are hacked,” it read. “Some time ago I wrote that you have serious security holes.

“You didn’t reply.

“The next time someone talks to you, press the reply button.

“You must pay one bitcoin in five days.

The message left by the Luas hacker

“Otherwise I will publish all data and send emails to your users.”

It then listed an address to send the bitcoin. The message has since been removed by Luas.

The company tweeted: “The Luas website was compromised this morning, and a malicious message was put on the home page. The website has been taken down by the IT company who manage it, and their technicians are working on it.

“Luas are informed this may take the day to resolve.”

Twitter user Gavan Reilly pointed out that with the current bitcoin price hovering just north of £3,000, the hacker was “a very conscientious soul”.

Luas has promised to update customers via Twitter and Facebook, AA Road Watch and the media should there be any change to scheduled services.

Passengers can also contact Luas Customer on 1850 300 604 and

“We apologies [sic] to all Luas customers for the inconvenience,” it added on Twitter.

The incident is believed to be a ransomware attack, where hackers use a type of malicious software that threatens to publish the victim’s data or block access to it unless a ransom is paid.

Luas carried 37.6 million people in 2017 and transports 100,000 passengers on average daily.

It’s not the first time a travel company has fallen victim to an attack. In November 2018, the records of 500 million of hotel group Marriott’s customers were involved in a data breach.

The hotel chain’s Starwood division guest reservation database was compromised by an unauthorised party.

Support free-thinking journalism and attend Independent events

Customer data included names, addresses, phone numbers, email addresses, passport numbers, account information, dates of birth, gender and arrival and departure information.

In addition, Marriott said some records included encrypted payment card information – and the possibility that the encryption keys had also been stolen could not be ruled out.

“We deeply regret this incident happened,” the company said in a statement at the time.

“Marriott reported this incident to law enforcement and continues to support their investigation. The company has already begun notifying regulatory authorities.”

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in