Wow! Thankfully it was just the ticketing system that was compromised, and not some other critical system such as rail switching or actual control of the trains. It sounds like this was a DDoS attack. It would be interesting to know whether this attack was perpetrated by someone controlling their own curated botnet or if the attacker used some DDoS as a Service outfit to rent a botnet to carry out the attack.