MTA Investigates Cybersecurity Incident Affecting Transit Services

BALTIMORE, Maryland – The Maryland Transit Administration (MTA) announced it is investigating a cybersecurity incident that has compromised its system. The MTA revealed that unauthorized access was detected, prompting an immediate response from its cybersecurity teams to contain the threat.

The MTA stated its core transit services—including Local Bus, Metro Subway, Light Rail, and MARC trains—are operating normally. However, the Mobility paratransit services are affected, with new trip bookings and rebookings temporarily unavailable.

“Upon detecting the incident, our cybersecurity teams immediately took actions to investigate the nature and scope of the incident, to contain the threat and to secure our systems,” the MTA said in a statement. All previously scheduled Mobility trips for the week will continue as planned.

For riders needing urgent medical assistance, the MTA advises contacting healthcare providers or dialing 911 in emergencies. Eligible riders are encouraged to utilize the Call-A-Ride service by calling 410-664-2030.

The service also noted that certain information systems, such as real-time tracking and call centers, have been impacted, meaning notifications about train arrivals may not be available. To ensure a smooth experience, the MTA recommends that all riders, including students on their first day of school, allow extra time for travel and arrive early at their pickup locations.

The Maryland Department of Emergency Management has activated the Statewide Emergency Operations Center, working alongside the MTA and the Department of Information Technology to address the situation. The MTA is collaborating with third-party cybersecurity experts and law enforcement to assess the extent of the incident and mitigate its effects. Updates will be provided as more information becomes available.