Cyber Incident Victim: Big Blue Bus

The Big Blue Bus (BBB) publicly disclosed a data security incident involving its partner NextBus on September 27, 2015, following notification from NextBus on September 25. NextBus, which provided predictive real-time bus arrival data to BBB customers, detected suspicious activity originating from an agency account on September 18, 2015. The company's IT team responded immediately to contain the issue. An unauthorized individual potentially accessed a database containing account information for NextBus agency customers and riders who created personalized accounts on NextBus.com. The breach exclusively impacted users who established individual accounts to customize transit information displays on websites or smartphones. NextBus confirmed its systems did not store or process Social Security numbers, driver's license information, or financial data such as credit card details, eliminating exposure risks for these sensitive categories.

In response to the breach, NextBus implemented multiple containment measures including disabling the compromised account, enhancing minimum password complexity requirements, and blocking network traffic to or from suspicious IP addresses. The company advised affected users to reset their NextBus account passwords, particularly if they reused credentials across multiple platforms. BBB and NextBus jointly cautioned customers about potential phishing attempts related to the incident, explicitly stating that neither organization would solicit personal or account information via email. Customers received instructions to report suspicious communications to NextBus support through email at [email protected] or via telephone at 1-877-NEXTBUS (639-8287). The public notification emphasized the breach's limitation to NextBus account credentials while outlining concrete remediation steps taken by the service provider.