HomeRisk ManagementsTfL Confirms Customer Data Breach, Arrest of 17-Year-Old Suspect

TfL Confirms Customer Data Breach, Arrest of 17-Year-Old Suspect

Published on

spot_img

Transport for London (TfL) has disclosed that a breach in its systems has led to the exposure of certain customer data due to a cyber-attack. The breach, uncovered recently, has resulted in the unauthorized access of Oyster refund data, which includes sensitive information such as bank account numbers and sort codes pertaining to approximately 5000 customers.

In an update provided on September 12, TfL acknowledged that the attackers had also managed to obtain additional personal details of select customers. This compromised information comprises names, email addresses, and home addresses. As a precautionary measure, TfL has pledged to contact the affected customers promptly.

Furthermore, the government-operated transportation organization, which oversees a significant portion of London’s transport network, has initiated a comprehensive IT identity verification process for all staff members in response to the breach.

TfL assured the public that despite the ongoing investigation and security measures being implemented, there is no anticipation of major disruptions to customer journeys. However, temporary and minor disruptions to certain services may occur, prompting TfL to recommend passengers to check for updates before traveling.

Collaborating closely with the UK’s National Crime Agency (NCA) and National Cyber Security Centre (NCSC), TfL continues to delve into the cyber-attack incident that compelled the organization to temporarily halt some of its services on September 2. This temporary suspension included the discontinuation of Oyster photocards and Zip cards applications, as well as the unavailability of live Tube arrival information on the TfL Go app and website.

Moreover, the partial restriction of access to systems for many TfL staff members has resulted in delays in handling online queries. Nonetheless, the overall functioning of transport services across the city has not been adversely affected by the cyber security breach.

In a significant development, the NCA confirmed the arrest of a 17-year-old male in Walsall, West Midlands, on suspicion of offenses under the Computer Misuse Act related to the TfL cyber-attack. The suspect was apprehended on September 5, interrogated by NCA officials, and subsequently released on bail.

Deputy Director Paul Foster, who heads the NCA’s National Cyber Crime Unit, emphasized the unit’s swift response in providing support to TfL post-attack and in identifying the culprits involved. Foster underscored the disruptive nature of attacks on essential public infrastructure like TfL’s network, highlighting the potential severe ramifications for local communities and national systems.

The collaborative efforts between TfL and the NCA remain ongoing as they work hand in hand to address the implications of the cyber-attack and bolster the organization’s cybersecurity framework against future threats.

Source link

Latest articles

Medusa Ransomware Detection: FBI, CISA, and Partners Issue Warning on Rising Attacks against Critical Infrastructure by Ransomware Actors

In a report by Sophos, the costs associated with ransomware recovery have surged to...

Risks of API Hooking Highlighted by OBSCURE#BAT Malware

Researchers from a prominent cybersecurity firm have unearthed a sophisticated attack chain that is...

EU Requests Reassurances from US Regarding Trans-Atlantic Data Flows

Worries have been mounting over the stability of the Data Privacy Framework as concerns...

Lazarus Group Moves 400 ETH and Initiates Fresh Cyber Attacks

Lazarus Group, a notorious hacking organization linked to North Korea, has been making headlines...

More like this

Medusa Ransomware Detection: FBI, CISA, and Partners Issue Warning on Rising Attacks against Critical Infrastructure by Ransomware Actors

In a report by Sophos, the costs associated with ransomware recovery have surged to...

Risks of API Hooking Highlighted by OBSCURE#BAT Malware

Researchers from a prominent cybersecurity firm have unearthed a sophisticated attack chain that is...

EU Requests Reassurances from US Regarding Trans-Atlantic Data Flows

Worries have been mounting over the stability of the Data Privacy Framework as concerns...