A 17-year-old has been arrested following a cyber attack on Transport for London (TfL) that exposed sensitive customer information and disrupted some services. The National Crime Agency (NCA) confirmed the arrest, which took place on September 5 in Walsall, West Midlands, just days after the cyber attack began.

Data Breach and Ongoing Investigation

TfL discovered suspicious activity on their network on September 1 and took immediate steps to limit access to its systems. The organization is working closely with the NCA and the National Cyber Security Centre (NCSC) to investigate the incident. Although the situation is still evolving, TfL has confirmed that hackers accessed customer data, including names, email addresses, home addresses, and, in some cases, Oyster card refund information.

Around 5,000 customers may have had their bank account numbers and sort codes compromised, primarily through Oyster card refund data. TfL is contacting affected customers directly to provide guidance and support.

Service Disruptions

While there has been minimal disruption to customers, some services have been temporarily affected as a precaution. TfL is working to secure its systems, but several digital services have been impacted:

  • Live Tube arrival information is unavailable on some digital platforms, including TfL Go and the TfL website. However, information at stations and journey planning tools remain operational.
  • Applications for new Oyster photocards, including Zip cards, have been suspended. Customers needing to replace lost photocards can call TfL for assistance.
  • Contactless payment card users will not be able to access their online journey history during this time, and refunds for incomplete journeys made with contactless payments are currently unavailable. TfL advises customers to ensure they always touch in and out when traveling.
  • Limited staff access to TfL’s systems may cause delays in responding to online inquiries, and TfL is also conducting an all-staff IT identity check as part of its efforts to secure systems.

 

TfL’s Response and Support for Customers

Shashi Verma, TfL’s chief technology officer, emphasized the organization’s commitment to customer data security. “We are working around the clock to protect our systems and limit the impact on our customers. If your data has been affected, we will contact you directly and offer support,” he said.

TfL has apologized for any inconvenience and continues to monitor the situation closely. The organization is taking proactive steps to protect both its customers and staff and will provide regular updates as new information becomes available.

Staying Safe and Vigilant

The NCSC urges anyone who thinks they may have been impacted by the data breach to be cautious of suspicious emails, phone calls, or text messages. As the investigation continues, TfL and cybersecurity agencies are working together to minimize the risks and keep customers informed.

Cookie Consent with Real Cookie Banner