Cyber Incident Victim: Taxis Coop Québec
Date:
Nov 2022
Location:
Canada
Summary
A cooperative taxi service in Quebec experienced a cyberattack during which hackers made three unsuccessful attempts before compromising its application overnight. Employees detected system slowdowns, prompting technicians to proactively shut down all servers for several hours as a precaution. While most functionality was restored within days, administrative communications remained temporarily unavailable, and full system recovery was anticipated the following week. The organization confirmed no client data exposure, emphasizing that financial information is not stored internally due to prior security measures implemented after a similar 2018 incident. Operational continuity was maintained through alternative booking channels, and a police report was filed in response to the breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 3 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On the night of Wednesday, November 16, 2022, through early Thursday, Taxis Coop Québec experienced a cyberattack targeting its application infrastructure. Employees first detected anomalous activity when system performance degraded noticeably at the start of the night shift. Attackers attempted three separate breaches of the application, with the first two attempts successfully repelled by existing security measures before the third compromise succeeded. Technical personnel responded by initiating a full preventive shutdown of all servers between 2:00 AM and 4:30 AM Thursday to contain the intrusion. By Friday morning, approximately 90% of system functionality had been restored, enabling core operations like taxi bookings through the mobile application and telephone channels. The cooperative's director, Luc Sélesse, confirmed this was not their first cybersecurity incident, referencing a similar 2018 attack that prompted implementation of remote server shutdown capabilities for technicians.
The attack caused partial disruption to administrative functions, preventing customers from contacting management offices despite restored booking services. Taxis Coop Québec emphasized no customer data exposure occurred, citing segregated financial data handling through third-party institutions and application security investments. A formal police report was filed on Friday following containment. Customers experiencing critical issues were instructed to relay information through dispatchers until full system restoration, projected for early the following week. Operational continuity measures maintained taxi dispatch capabilities throughout the recovery period while technicians addressed residual system impairments.