© 2024 WOSU Public Media
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

COTA: Investigation finds no evidence of data accessed during December cybersecurity breach

Esther Honig

Officials with the Central Ohio Transit Authority report an outside investigation found no evidence that riders' personal data was accessed during a cybersecurity breach last December.

COTA announced the breach Dec. 14, having learned two days earlier that an "outside organization" had accessed its IT network.

The incident led the transit authority to temporarily take its network systems offline as a precaution.

A COTA spokesman said in a statement that security firm Surefire Cyber analyzed data and logs from nearly 590 systems.

The company determined that while an unauthorized third party did access a COTA IT server, they found no indication that any personal employee or customer information was accessed. Additionally, zero evidence was found of any active cybersecurity threat.

While no data was accessed, COTA says it will offer employees three-bureau credit monitoring for one year at no charge. "This benefit provides added assurance that COTA is committed to protecting employees," the statement read.

COTA continued operating all transit services during the IT network outage. All customer-facing systems are back online, including real-time transit vehicle tracking and onboard Wi-Fi.

Matthew Rand is the Morning Edition host for 89.7 NPR News. Rand served as an interim producer during the pandemic for WOSU’s All Sides daily talk show.