Skip to content

Transport for London investigating cyber attacks, services unaffected

  • by
  • 2 min read

Photo: Philipp Reiner | Pixabay

Transport for London (TfL), the city’s primary transport authority, is currently grappling with an ongoing cyber attack that has, so far, spared its services and customer data from any apparent harm.

Insiders have been instructed to work from home, whenever possible, reports BBC. The corporate headquarters’ backup systems are the most affected.

In a statement, TfL assured the public that there is no evidence to suggest that customer information has been compromised.

“We are currently dealing with an ongoing cybersecurity incident,” the agency informed its customers via email and online notice. “At present, there is no evidence that any customer data has been compromised, and there has been no impact on TfL services.”

Furthermore, TfL has reported the crime to multiple government agencies, including the National Crime Agency and the National Cyber Security Center.

“We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident,” said Sashi Verma, TfL’s chief technology officer. “The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.”

This is not the first time cybercriminals have targeted TfL. As reported by BleepingComputer, in May 2023, the Cl0P ransomware gang breached one of its suppliers’ MOVEit managed file transfer (MFT) servers.

During that incident, the Russian-based group stole the contact details of approximately 13,000 TfL customers. Fortunately, no banking information was compromised, and the MOVEit system directly used by TfL remained secure.

Cybercriminals have been targeting important infrastructure such as transport and hospitals to gain more notoriety. Also, these services cater to the needs of millions at a time and serve as a goldmine of data for hackers.

In February 2024, cybercrooks targeted 18 hospitals in Romania. In June, Qilin stole the data from the NHS blood testing company Synnovis and demanded $50 million for releasing decryption keys.

In the News: Data of 390 million VK users exposed on hacking forum

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>