Due to a cyber-attack on Strætó

Notice to ride-hailing service users regarding a security breach in Strætó's systems

As has been reported in the media, Strætó was the victim of a hostile cyber-attack by foreign attackers at the end of December, who managed to breach Strætó's systems and copy the data and information found there. It has emerged that the attackers gained access to a Strætó system which hosts data related to transport services provided by Strætó on behalf of specified municipalities. in the period 2014-2021. This notice has been prepared in cooperation with the municipalities of Garðabær, Hafnarfjörður, Kópavogur, Mosfellsbær, Reykjavík and Seltjarnarnes. The Data Protection Authority has been notified of the matter, and the municipalities and Strætó have been in communication with the authority regarding this and have kept it informed.

The investigation into the matter is still ongoing.

Detailed information can be found on the Strætó website. notification ...the matter, which states, among other things, that extensive measures have been taken to block the access of the aforementioned parties and to limit the impact on the individuals about whom Strætó holds information. There is no indication that the attackers have or can misuse this information, but it cannot be ruled out that the information will be published publicly by the aforementioned parties.

The matter is being closely monitored at the level of the City of Hafnarfjörður. Further information about the security breach is provided by Strætó's Data Protection Officer, Sigurður Már Eggertsson, via email. personuvernd@straeto.is.You can also contact the Hafnarfjörður municipal service centre via the email address: hafnarfjordur@hafnarfjordur.is and telephone: 585-5500.

Photograph: Bus (straeto.is)