A rudimentary hack has put all bikes out of commission.
Hackers have taken out Bycyklen, a rental bike program in Copenhagen. Over the weekend, this attack deleted the company’s entire database, and make rental of the city bike units impossible. The company is quick to point out that user’s private information is safe, but that user’s should immediately update their Bycyklen PINs.
“The attack has been aimed directly at our business, not our users,” the company said. “We do not store payment card information.” The only information which the company says it maintains is email addresses, phone numbers, and the aforementioned program PINs.
These rental bikes utilize an android tablet for rentals, and recovering from the hack requires a manual update for each individual bike, which doesn’t seem to be an easy task. On Saturday the company had managed to restore around 200 units back to service. Additionally, the company is having a “treasure hunt” on their company Facebook page which is asking users to report locations of out of service bicycles.
It seems that this attack was not a case where attackers were seeking personal gain, instead they were simply looking to hurt the company, or inconvenience the public.
Source: Bleeping Computer