TfL says cyber-incident isn’t affecting services

September 4, 2024
1 min read

TLDR:

Transport for London (TfL) is currently dealing with a cybersecurity incident, but claims that it is not impacting services or customer/employee data. The organization is working closely with government agencies to respond to the incident. Cybersecurity experts warn that protecting critical national infrastructure like TfL assets requires comprehensive and ongoing effort. The incident comes after a supplier was caught up in a data extortion campaign impacting approximately 13,000 customers.

Full Article:

Transport for London (TfL) recently disclosed that it is facing an ongoing cybersecurity incident. Despite this, they have reassured the public that there has been no impact on TfL services or customer data. The local government body responsible for managing London’s various transportation networks, including the London Underground and buses, has taken immediate action to prevent further access to their systems.

TfL has partnered with government agencies such as the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to address the incident. While TfL has generally been successful in avoiding cyber-attacks on their critical operational systems, a recent data extortion campaign affecting one of their suppliers did impact thousands of customers.

Cybersecurity expert Spencer Starkey emphasized the importance of continuous effort in safeguarding critical national infrastructure like TfL assets. He also highlighted the need for collaboration between government agencies and the private sector to deter future attacks. Starkey’s comments come in the wake of increased cyber threats targeting governments and critical infrastructure.

As the incident unfolds, TfL continues to work towards resolving the cybersecurity issue and providing updates to the public. The organization, owned by the Greater London Authority and chaired by Mayor Sadiq Khan, remains focused on ensuring the security of its systems and data in light of the ongoing cyber incident.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and