TfL cyber attack: 17-year-old boy arrested as thousands of passengers details feared to be accessed

TfL headquartersTfL headquarters
TfL headquarters | Getty Images
A 17-year-old boy has been arrested in connection with the cyber security incident affecting Transport for London (TfL), the National Crime Agency (NCA) said.

TfL said that about 5,000 customers' sort codes and bank account details could have been accessed by hackers amid an "ongoing cyber security incident".

The NCA said the teenager was arrested in Walsall, West Midlands, on September 5, after the cyber attack began four days earlier.

Hide Ad
Hide Ad

TfL said it had identified some suspicious activity on Sunday (September 1) and had put measures in place to limit access.

In an update on Thursday (September 12), TfL said that despite these measures certain customer data has been accessed.

This includes customer names and contact details (including email addresses and home addresses where provided).

TfL says a “thorough investigation” is underway as the transport body faces an ongoing cyber attack.TfL says a “thorough investigation” is underway as the transport body faces an ongoing cyber attack.
TfL says a “thorough investigation” is underway as the transport body faces an ongoing cyber attack. | Getty Images

Paul Foster, head of the NCA's National Cyber Crime Unit, said: "Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems."

Hide Ad
Hide Ad

He added: "We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible.

"The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing."

TfL’s chief technology officer Shashi Verma said the customers who had been affected would be contacted directly.

He added that an investigation into the cyber attack was taking place alongside the NCA and the NCSC.

Hide Ad
Hide Ad

"Although there has been very little impact on our customers so far, the situation continues to evolve and our investigations have identified that certain customer data has been accessed," he said.

"This includes some customer names and contact details, including email addresses and home addresses where provided.

"Some Oyster card refund data may also have been accessed. This could include bank account numbers and sort codes for a limited number of customers.

"As a precautionary measure, we will be contacting these customers directly as soon as possible to advise them of the support we can provide and the steps they can take."

Hide Ad
Hide Ad

Mr Verma added that the "security" of its systems and customer data were "very important" to TfL.

"We continually monitor who is accessing our systems to ensure only those authorised can gain access," he said.

"We will continue to keep our customers and our staff updated.

"I would like to apologise for the inconvenience this incident may cause customers and I thank everyone for their patience as we respond to this incident."

The National Crime Security Centre (NCSC) is urging anyone who thinks they may have been the victim of a data breach to be vigilant about suspicious emails, phone calls or text messages.

Related topics:

Comment Guidelines

National World encourages reader discussion on our stories. User feedback, insights and back-and-forth exchanges add a rich layer of context to reporting. Please review our Community Guidelines before commenting.

Follow us
©National World Publishing Ltd. All rights reserved.Cookie SettingsTerms and ConditionsPrivacy notice