Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Montreal’s STM Public Transport System Hit By Ransomware Attack

Montreal’s STM Public Transport System Hit By Ransomware Attack

Source: Alexcaban

Montreal’s Société de transport de Montréal (STM) public transport system was hit with a RansomExx ransomware attack that has impacted services and online systems.

On October 19th, STM suffered an outage that affected its IT systems, website, and customer support.

While these outages did not affect the operation of buses or metro systems, people with disabilities who rely on STM’s door-to-door paratransit service are affected as it uses an online registration system.

On Tuesday morning, STM announced that the outages were caused by a ‘computer virus that caused a major failure on various platforms.”

Later that evening, STM confirmed that they had suffered a ransomware attack and are working with law enforcement and external experts to restore their systems and investigate the attack.

“The Société de transport de Montréal (STM) wishes to inform its customers that the major computer failure it has suffered since October 19 in the afternoon is the consequence of a ransomware type, targeting all applications, despite the various defenses that are in place to deal with this type of eventuality.”

Also Read: Steps On How To Create Complain About Telemarketing Calls

The STM website is still down, but visitors are now redirected to, where information about public transport services and the attack is posted.

STM website outage information

RansomExx gang behind attack

According to a source familiar with the situation, STM suffered an attack by the RansomExx ransomware operation.

RansomExx is a rebranded version of the Defray777 ransomware that become more active in June, with attacks against organizations such as the Texas Department of Transportation (TxDOT), Konica MinoltaIPG Photonics, and more recently, Tyler Technologies.

When conducting attacks, RansomExx operators will compromise a network and steal unencrypted files as they spread laterally through the system. Once they gain access to the Windows domain controller, they deploy the ransomware on all available devices.

Also Read: EU GDPR Articles: Key For Business Security And Success

It is not known if STM has been in contact with the ransomware operators or the ransom amount.

This is a developing story.



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us