Cyberattack on Maryland Transit Agency Disrupts Services for Persons with Disabilities

Authorities in the U.S. state of Maryland are investigating a cyberattack that has compromised information systems used to organize transportation services for people with disabilities. The Maryland Transit Administration (MTA) announced on social media and its official website that unauthorized access had been detected in several internal services.

Core transit routes—buses, the metro, and light rail—continue to operate without disruption, yet the incident has affected certain systems supporting the specialized Mobility service. This program is designed for individuals unable to reach a bus stop on their own or endure long waits for public transit. Mobility provides personalized trips from a passenger’s home directly to their destination and is managed through an online service.

The MTA reported that, due to the incident, the Mobility system is temporarily unable to accept new reservations or allow modifications to existing ones. In addition, disruptions have been observed in call centers, several informational services, and systems responsible for displaying real-time transit data.

The agency clarified that all previously scheduled Mobility trips will be fulfilled, while passengers needing new bookings are being directed to the alternative Call-A-Ride program, accessible via the website or by phone. To coordinate the response, the state’s Emergency Operations Center has been activated, with the IT department and other key agencies joining the effort.

Authorities have engaged external cybersecurity experts and law enforcement to assess the scope of the breach and mitigate its impact. At present, no hacker group has claimed responsibility for the attack.

Over the past two years, similar incidents have repeatedly occurred in other U.S. states, including Missouri and Virginia, forcing local governments to implement temporary measures to preserve transportation accessibility for people with disabilities.