Data Breach - Data Analysis of myBART Info Reveals Weak Passwords - eWeek Security Watch
Security Watch
SHARE
Facebook X Pinterest WhatsApp

Data Analysis of myBART Info Reveals Weak Passwords

Written By
Fahmida Y. Rashid
Fahmida Y. Rashid
Aug 16, 2011
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Identity Finder released a detailed analysis of the data hacktivist collective Anonymous released Aug. 14 after successfully breaching the myBART.org Website. The attack on the Website maintained by the Bay Area Rapid Transit authority to allow riders to get service information and plan their trips was prompted by the agency officials to temporarily suspend cellular service on select train stations.

With the service disruption on Aug. 11, a planned demonstration protesting two fatal shootings of passengers by transit police, one in July and the other in 2009, did not occur. Officials of the San Francisco-area regional train system claimed organizers were using mobile devices on the platforms to coordinate the protest, and disconnecting cellular service was for the greater public good.

Anonymous blasted the service interruption and stole the database containing personal information for more than 2,000 riders who used the myBART.org Website. According to the Identity Finder analysis, the files released on various torrent sites contained 2,000 passwords, 1,764 email addresses, 301 phone numbers and 88 passwords. The top five cities with victims affected by this breach are Oakland, San Leandro, Alameda, Walnut Creek, and San Francisco, Calif.

The number of passwords released is of grave concern, as password reuse is a “serious problem,” Todd Feinman, Identity Finder’s CEO said.

Criminals will be trying the email address and password combinations to see if they can get into various Webmail, bank and retailer sites, Feinman said. Recent data analysis have shown that password reusage remains rampant amongst Internet users despite recent high-profile data breaches

Some users create site-specific passwords by including characters related to the name of the Website in the password. It may not increase security, but it does stop password reuse, according to Identity Finder. However, the company found that only 1.5 percent of the passwords used this type of password, and the remainder were generic terms and could easily be reused on other services.

Identity Finder performed a similar data analysis on the dumped data stolen from 70 local law enforcement offices around the country just last week.
Fahmida Y. Rashid
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information