Transport for London (TfL) warns of potential data compromise following a cyber attack earlier this month.
- The breach may involve customers’ personal and bank details, including names, contact information, and financial data.
- A 17-year-old suspect has been arrested and questioned in connection with this incident by the National Crime Agency.
- TfL has alerted the Information Commissioner’s Office and is collaborating with national security agencies to investigate the breach.
- Additional security measures have been implemented by TfL to prevent future breaches, assuring minimal impact on services.
Transport for London (TfL) has issued a warning to its customers about a potential compromise of personal bank details as a result of a cyber attack that occurred earlier this month. Customer information accessed during the breach includes names, email addresses, home addresses, and possibly bank account numbers and sort codes.
Initially, TfL had stated that there was no evidence of data compromise. However, following further investigation in partnership with the National Crime Agency and the National Cyber Security Centre, TfL has now notified the Information Commissioner’s Office about the breach.
A 17-year-old male was arrested in Walsall for suspected offences under the Computer Misuse Act in relation to the attack. Following questioning, he has been released on bail. This arrest forms a crucial part of the ongoing investigation.
Shashi Verma, TfL’s Chief Technology Officer, reported that suspicious activities were first identified on 1 September. Immediate actions were taken to limit access, with ongoing investigations revealing that some customer data had indeed been accessed.
TfL has taken precautions by directly contacting affected customers about compromised data. As an immediate response, they have also improved internal security protocols, including a new IT identity check for staff.
Though customer journeys have not been significantly impacted, TfL cautions that there might be temporary disruptions. This incident adds TfL to the list of major public bodies targeted by cyber attacks, a trend highlighted by similar incidents involving NHS England, the UK Ministry of Defence, and the British Library.
The TfL cyber attack underscores the pressing need for robust security measures to protect public sector data against increasing cyber threats.
