Looks like San Francisco refused to give in to transit system hackers trying to hold the city for ransom. In a conversation with Motherboard, the attackers (still going by "Andy Saolis") have threatened to expose 30GB of Muni databases and documents unless they receive the $73,000 in bitcoin that they demanded alongside the initial hack. They're trying to claim the moral high ground, too. Purportedly, the hack was a "proof of concept" meant to show that the San Francisco Metropolitan Transportation Authority doesn't "pay attention to your safety." This forces SFMTA to "do right job," the perpetrators claim in broken English.
The threat doesn't exactly hold a lot of water, though. For one, the hackers don't have any proof that they actually have the files -- they refused to send samples to Motherboard. Also, it's doubtful that there's a noble cybersecurity cause here between the demands for money and the Russian email address used to demand payment. Based on current evidence, this appears to be little more than a botched extortion attempt by criminals. They successfully compromised Muni systems, but they weren't prepared for officials to call their bluff and restore service without paying a dime.