TfL Cyberattack Under Investigation , No Impact on Services Yet
Transport for London (TfL), the city’s transportation authority, is currently investigating an ongoing cyberattack. While the attack is ongoing, TfL has assured the public that there has been no impact on its services.
“We are currently dealing with an ongoing cyber security incident,” TfL’s Customer Information Team stated in an email to customers and an online statement.
The agency has also been transparent about the situation, stating that, as of now, there is no evidence that any customer data has been compromised.
“At present, there is no evidence that any customer data has been compromised and there has been no impact on TfL services,” the statement added.
TfL Taking Action to Contain the Cyberattack
TfL has taken immediate action to prevent any further access to its systems and has introduced several measures to its internal systems to deal with the ongoing cyber security incident.
“The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems,” the agency stated.
TfL has also reported the attack to relevant government agencies, including the National Crime Agency and the National Cyber Security Centre, and is working closely with them to respond and contain the incident’s impact.
TfL’s Chief Technology Officer Speaks Out
TfL’s chief technology officer, Shashi Verma, addressed the situation in a statement to the BBC, emphasizing the agency’s proactive approach: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident.”
1/2 – Hi, thanks for getting in touch. We are working to resolve this as soon as possible. We need to complete our full assessment, but there is currently no evidence that any customer data has been compromised, or impact on TfL services. We are working closely with the
— TfL (@TfL) September 2, 2024
Previous Cyberattack on TfL Supplier
This incident comes after a previous cyberattack in May 2023, where the Cl0p ransomware gang hacked one of TfL’s suppliers’ MOVEit managed file transfer (MFT) servers. This server was hosted outside of TfL’s systems.
The Russian cybercriminals stole the contact details of approximately 13,000 customers, but TfL confirmed that their banking details were not compromised.
“MOVEit is also used directly within TfL’s systems but this was not compromised,” TfL stated at the time.
Impact of TfL Cyberattack
TfL is organized into three units that oversee London’s surface, underground, and Crossrail (the Elizabeth line jointly managed with the UK’s Transport Department) transportation systems, serving over 8.4 million city residents.
The ongoing TfL cyberattack highlights the increasing vulnerability of critical infrastructure to cyberattacks. TfL’s proactive response and transparency are commendable, but this incident serves as a reminder of the importance of robust cybersecurity measures to protect critical infrastructure and sensitive data.
