Transport for London (TfL) is currently addressing a cyber security incident that has impacted their computer networks, leading to temporary limitations on some online services.

Description

TfL is currently dealing with a cyber security incident that has affected their computer networks, primarily impacting office staff and internal IT systems [4]. While public transport services remain unaffected [4] [7], some online services have been temporarily limited. This includes restricted access to customer journey history for pay as you go contactless customers [1] [3], as well as limited access to live travel data via apps and the TfL website [1] [3]. The incident has also impacted the photocard portal, Dial a Ride booking system [3] [5], and some live travel data [3] [4]. TfL is collaborating with authorities to investigate the incident and has implemented measures to safeguard customer data and public transport services. Some staff have been advised to work from home as a precaution [1] [3]. Real-time travel updates on apps like Citymapper and TfL Go [8], as well as the TfL website [8], have been affected [3] [7] [8] [10], leading to the suspension of key services such as live departure times for Tube trains and traffic updates from TfL JamCams [8]. However, platform information displays at Tube stations and bus countdown services are still operational [8]. TfL has confirmed that the cyberattack is under investigation [8], with no indication of it being a ransomware incident or any compromise of customer data [8]. The organization is working with the National Crime Agency and the National Cyber Security Centre to manage the attack [6] [8] [9]. In addition to the limitations on live travel data [8], online services for concessionary photocards and contactless payment journey history have been temporarily suspended [8]. The booking system for Dial a Ride was briefly unavailable but essential bookings can now be made by phone [1] [6] [8]. Employees at TfL’s main corporate headquarters in Southwark have been encouraged to work remotely [8], highlighting the need for further security measures [8]. Despite the ongoing investigation [8], TfL is committed to keeping customers and staff updated on the incident and restoring full service in the coming days [8]. The breach was identified on Sunday [6], with the main affected location believed to be Palestra House in Southwark [6]. Access to the photocard portal for Oyster 60+ and other travel concessions has been restricted following the cyber attack, with measures in place to ensure only authorized access to TfL computer systems. The National Crime Agency and the National Cyber Security Centre are involved in the investigation [1] [6] [8], with no evidence of customer data compromise [1] [2] [3] [5]. Some TfL staff have been advised to work from home to address the cyber attack [1], with the organization’s corporate headquarters at Palestra House [1], Southwark [1] [6] [8], being the main location affected [1].

Conclusion

TfL is working diligently to address the cyber security incident and has taken steps to safeguard customer data and public transport services. While some online services have been temporarily limited, efforts are being made to restore full service in the coming days. The incident highlights the importance of robust security measures and ongoing vigilance to protect against cyber threats in the future.

References

[1] https://www.inkl.com/news/tfl-cyber-attack-london-transport-chiefs-restrict-access-to-photocard-portal-for-60-oyster-and-other-cards
[2] https://www.bitdefender.com/blog/hotforsecurity/london-transport-system-says-no-customer-data-compromised-in-hacker-attack-on-sunday/
[3] https://www.yahoo.com/news/tfl-cyber-attack-london-transport-101237917.html
[4] https://www.ianvisits.co.uk/articles/tfl-cyber-attack-disrupts-internal-networks-but-transport-services-unaffected-75317/
[5] https://www.bbc.co.uk/news/articles/cwyjezrne3go
[6] https://fleetworld.co.uk/tfl-restricts-some-customer-data-access-amid-ongoing-cyber-attack/
[7] https://www.inkl.com/news/transport-for-london-cuts-data-feeds-to-travel-apps-amid-cyber-attack
[8] https://www.computing.co.uk/news/4356201/transport-london-restricts-access-live-travel-amid-cyberattack
[9] https://www.infosecurity-magazine.com/news/tfl-admits-services-down/
[10] https://www.silicon.co.uk/security/cyberwar/tfl-fallout-cyberattack-578622