Transport for London (TfL) has experienced a cyber attack leading to potential data breaches.
- Customer bank details, including account numbers and sort codes, may have been accessed.
- The National Crime Agency has arrested a 17-year-old in connection with the incident.
- TfL is collaborating with the National Crime Agency and National Cyber Security Centre to investigate.
- Additional security measures have been implemented by TfL to mitigate future risks.
Transport for London (TfL) has recently suffered a cyber attack that may have compromised the personal and financial details of its customers. Following an investigation, the National Crime Agency (NCA) has confirmed the arrest of a 17-year-old male in Walsall for offences related to this incident under the Computer Misuse Act.
The breach occurred on 1 September, and TfL has acknowledged that some customer data, including names, contact information, and potentially bank account details, were accessed. Despite earlier assertions of security, TfL has now alerted the Information Commissioner’s Office and is working alongside the NCA and the National Cyber Security Centre to thoroughly investigate the situation.
Shashi Verma, TfL’s Chief Technology Officer, stated: ‘We identified some suspicious activity on Sunday 1 September and took action to limit access. A thorough investigation continues alongside the National Crime Agency and the National Cyber Security Centre.’ Verma acknowledged that the evolving situation led to the realisation that certain customer data had indeed been accessed.
Alongside personal data, some Oyster card refund information may also have been compromised, affecting a limited number of customers. TfL is proactively contacting those potentially impacted, offering them support and guidance as a precautionary measure.
As part of its response, TfL has introduced additional security protocols, including a comprehensive IT identity check for all staff members. While the transport body expects minimal disruption to customer services, it warns that some temporary and limited service interruptions may occur as they continue to reinforce their security infrastructure.
Transport for London is actively working to address the security breach and prevent future incidents, ensuring customer data protection.
