Transport for London has been suffering from a cyber security incident since the start of September
A teenager has been arrested as part of the investigation into a cyber security incident affecting Transport for London (TfL).
The 17-year-old male was detained in the West Midlands by the National Crime Agency (NCA) on suspicion of Computer Misuse Act offences in relation to the attack, which was launched against TfL on 1st September.
The NCA is leading the law enforcement response, working closely with the National Cyber Security Centre and TfL to manage the incident and minimise any risks.
The teenager, who was arrested on 5th September, was questioned by NCA officers and bailed.
Deputy director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible.
“Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems.
“The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing.
“The NCA leads the UK’s response to cybercrime. We work closely with partners to protect the public by ensuring cyber criminals cannot act with impunity, whether that be by bringing them before the courts or through other disruptive and preventative action.”
As part of TfL’s response to the ongoing cyber security incident it has temporarily restricted access to customer journey history for pay-as-you-go contactless customers, as well as limited access to some live travel data via apps. TfL will also be contacting around 5,000 customers with regard to bank detail data.
TfL today (Thursday 12th) issued an update. Shashi Verma, TfL’s chief technology officer, said: “The security of our systems and customer data is very important to us. We continually monitor who is accessing our systems to ensure only those authorised can gain access.
“We identified some suspicious activity on Sunday 1st September and took action to limit access. A thorough investigation continues alongside the National Crime Agency and the National Cyber Security Centre.
“Although there has been very little impact on our customer so far, the situation continues to evolve and our investigations have identified that certain customer data has been accessed. This includes some customer names and contact details.
“Some Oyster card refund data may also have been accessed. This could include bank account numbers and sort codes for a limited number of customers. As a precautionary measure, we will be contacting these customers directly as soon as possible to advise them of the support we can provide and the steps they can take.
“We have notified the Information Commissioner’s Office and are working at pace with our partners to progress the investigation. We will provide further updates as soon as possible.
“In addition, as part of the measures we have implemented to deal with the cyber incident, we have today put in place additional measures to improve our security. This includes an all-staff IT identity check. Throughout this planned process we have ensured that all safety critical systems and processes have been maintained.
“We do not expect any significant impact to customer journeys as we carry out this process. However, temporary and limited disruption is possible to some services so, as ever, please check before you travel.
“We will continue to keep our customers and our staff updated. I would like to apologise for the inconvenience this incident may cause customers and I thank everyone for their patience as we respond to this incident.”
For the latest information on the cyber security incident at TfL:
Visit tfl.gov.uk/campaign/cyber-security-incident
No news is bad news
Independent news outlets like ours – reporting for the community without rich backers – are under threat of closure, turning British towns into news deserts.
The audiences they serve know less, understand less, and can do less.
If our coverage has helped you understand our community a little bit better, please consider supporting us with a monthly, or one-off donation.
Choose the news. Don’t lose the news.
Monthly direct debit
More information on supporting us monthly
More Information about donations