PROVIDENCE, R.I. (WPRI) — The R.I. Public Transit Authority confirmed Tuesday cybercriminals have hacked the public transit system, shutting down some operations and disrupting passengers’ ability to pay for rides.

State officials said the cyberattack happened last week and RIPTA has since been working to restore some operations, including disrupted phone lines and email access, but that transit services have continued uninterrupted.

It wasn’t immediately clear what type of information was compromised as a result of the cyberattack, but RIPTA CEO Scott Avedisian said the quasi-public agency’s primary system that stores employee files and most operations hasn’t been affected. His office also emphasized that the agency doesn’t keep any passenger financial information in-house, “so that information should remain secure.”

“There are specifics that we cannot discuss at the moment, but we want the public to know that our buses are fully operational and we want to thank the public for their patience,” Avedisian said in a statement. “We are methodically working to determine which systems were impacted by the disruption.”

Target 12 first reached out about the hack on Monday, but a spokesperson said the inquiry wasn’t received because phone systems and emails have been down.

So far, state officials said the biggest impact has been on passengers who use the agency’s Wave smart fare payment system, which allows riders to use a rechargeable card or phone to pay fares.

The payment system has not been working properly since the cyberattack happened last week, officials said, but passengers should not expect to lose any prepaid products or balances in their accounts.

RIPTA drivers have been instructed to allow on board any passengers with Wave mobile apps, “even if they are not functioning.” Some phone lines and email access at RIPTA’s offices still had not been restored as of Tuesday night.

Cyberattacks have been happening more frequently in recent years, as cybercriminals have found repeated success in attacking public, private and nonprofit IT systems. Often times, the criminals will use so-called ransomware to hold sensitive information hostage unless paid money.

It wasn’t immediately clear whether RIPTA had paid any money as result of the cyberattack.

“We are working as quickly as possible with our own IT Department and professional consultants to restore all of our systems in a safe manner,” Avedisian said. “We understand that it’s been a frustrating couple of days for people who have not been able to reach us, and we apologize for any inconvenience.”

RIPTA is asking RIde and Flex passengers to please use the following temporary phone numbers to book their trips in advance: 401-640-9355 or 401-265-4004.

Eli Sherman ( is a Target 12 investigative reporter for 12 News. Connect with him on Twitter and on Facebook.