A threat actor claims to have breached SymbolTransport, a key provider of automated fare collection and cashless payment systems for Ukraine’s transportation infrastructure. The company is described as an official Visa partner and a significant component of the country’s national transit system.
The actor alleges to have exfiltrated a massive trove of sensitive data, including the complete source code and databases for the company’s national fare collection system. The breach also allegedly exposed the company’s full official Git repositories.
According to the actor, the compromised data includes:
- Full Postgres databases
- Complete source code for the fare collection system
- Full backups of official Git repositories
- Internal system configuration files
- Internal network information, including IP addresses and subdomains
- User email addresses
- Hashed passwords
- Service credentials and API access tokens
