Transport for London investigates a cybersecurity incident

September 4, 2024
Transport for London Cyberattack UK London Hackers

The UK transport sector, Transport for London, is currently investigating a cybersecurity incident that could allegedly be a cyberattack. Based on reports, the alleged attack has yet to impact the services of the transport agency.

The agency claimed its investigation had not found evidence that the incident compromised customer information. TfL explained that it is now dealing with an ongoing cyber security situation, as its Customer Information Team emailed its customers earlier this week. They also published the warning online to alert individuals who will not receive the letters.

Additionally, the agency assured everyone that the attack had no implications since there is currently no proven incident of customer data compromise and no disruption to TfL services.

 

Transport for London has already contacted relevant law enforcement agencies.

 

Transport for London has also reported the attack to the appropriate government agencies, such as the NCSC and the NCA, to work closely with them, respond, and mitigate the incident’s impact.

The agency also insisted that it would not take the cybersecurity incident lightly, as the security of its systems and client data is critical to it. As of now, it has already taken urgent action to prevent further access to its systems.

In a news outlet, TfL’s chief technology officer stated that the company has implemented various actions to address a continuing cyber security incident.

However, this is not the first time TfL has suffered such an incident. A couple of months ago, it disclosed that the Cl0p ransomware gang targeted one of its vendors’ MOVEit managed file transfer servers in May 2023.

The Russia-based attackers allegedly acquired the contact information of about 13,000 consumers, but the transportation authority claims that their banking information was not exposed.

MOVEit is also used directly within TfL’s systems, but TfL stated at the time that it was not the cause of the compromise since it had not been hacked. This incident is a developing story, but potentially impacted users should be ready since the scope and nature of this alleged cyberattack could cause significant implications.

About the author

Leave a Reply