Cyber Incident Victim: Central Ohio Transit Authority

On December 14, 2022, the Central Ohio Transit Authority (COTA) publicly disclosed a cybersecurity incident that prompted immediate operational changes. The organization proactively took its IT systems offline as a protective measure for employees and customers, indicating detection of a potential threat to its digital infrastructure. This defensive action occurred before the public announcement, though the exact timeline of initial compromise remains unspecified in available sources. Service impacts were selectively managed, with fixed-route bus operations maintaining normal schedules despite the IT disruption. The decision to keep physical transit services running while disabling digital systems suggests COTA prioritized maintaining core transportation functions during containment efforts.

The incident significantly affected real-time transit information systems, rendering them unavailable to customers. COTA//Plus paratransit service remained operational through its dedicated mobile application, while Mainstream service customers retained booking capabilities via telephone at 614-344-4488. These operational adjustments indicate segmented system impacts, with critical customer-facing functions preserved through alternative channels. COTA emphasized its commitment to safeguarding personal information and operational safety throughout the incident response, directing stakeholders to additional details through an external press release. No data regarding intrusion methods, threat actors, or data compromise appears in the primary source material documenting this disclosure.