Tipsters speaking to CBS claim that the hack had been around for "days," and that it affected employees. Hoodline expands on this and claims that the attack compromised database servers, email, training and even payroll systems. "Only" a quarter of SFMTA's computers (2,112 of 8,656) fell victim, but that was enough to prompt the emergency shutdown. The agency might not have had to give into the ransom demands, at any rate. While officials haven't confirmed anything, Hoodline understands that the backup servers were likely safe. The biggest concern is that Muni may have lost days' worth of information if there was no recent backup.

It's possible that the attackers got in through a phishing scheme, where an employee was tricked into installing rogue code through deceptive email or websites, but that's not certain at this early stage.

The evidence suggests this is more likely to be a classic instance of cybercrime instead of a state-sponsored act. After all, San Francisco's train station is a tempting target with both money and a strong incentive to recover its systems as quickly as possible. Whoever's responsible, the act is a reminder that a lot of America's critical infrastructure remains vulnerable. It also cuts a little too close to the bone for gamers -- Ubisoft just released Watch Dogs 2, where activist hackers exploit San Francisco's information grid to further their (considerably nobler) causes. Watch Dogs' tendency to eerily mirror reality remains intact.