Transport for London confirms 5,000 users’ bank data exposed, pulls large chunks of IT infra offline

Transport for London’s ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees’ passwords will need to be reset via in-person appointments.

TfL dropped the claim it made earlier this week that there had been “no evidence” of customer data being compromised in its cyber incident page. A further update has now confirmed that, yes, some customer data might indeed have been accessed. According to TfL: “Some Oyster card refund data may have been accessed. This could include bank account numbers and sort codes for a limited number of customers (around 5,000).”

TfL has said it will contact affected customers as soon as possible “as a precautionary measure.”

While the network continues to run, large chunks of the TfL IT infrastructure have been pulled offline. Live tube arrival information isn’t available, applications for new Oyster photocards have been suspended, and refunds for incomplete pay-as-you-go journeys made using contactless. Staff have limited access to systems.

The last point is significant since TfL is undertaking an all-staff identity check and resetting 30,000 employee passwords in person. According to the TfL Employee Hub, staff details have been accessed as well as those of customers, although right now TfL only suspects email addresses, job titles, and employee numbers have been looked at.

The Register understands that the incident is very much ongoing. There has also been an emergency meeting for management regarding the situation and a change in the physical security stance around TfL offices and facilities.

Physical security has, however, been beefed up by the sounds of it, although the very harassed-sounding PR person said it was to “draw a line under it all.”

TfL is no stranger to identity theft and malware. In 2023, in an unrelated incident, a London Underground worker, using a keylogger, was able to give himself discounts and access the accounts of colleagues. The worker, Lewis Kelly, narrowly avoided a custodial sentence at the time. ®
