Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services. The agency says that, for the moment, there is no evidence that customer information was compromised during the incident.
"We are currently dealing with an ongoing cyber security incident," TfL's Customer Information Team warned customers over email earlier and in a statement published online today.
"At present, there is no evidence that any customer data has been compromised and there has been no impact on TfL services."
"The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems," the agency added.
"We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident," TfL's chief technology officer Shashi Verma said in a statement to the BBC.
Investigating the Incident
TfL has confirmed that its backroom systems at its corporate headquarters are mainly affected by the attack. Insiders told the BBC that staff have been asked to work from home if possible.
TfL’s Previous Cyber Security Incident
TfL also confirmed last July that the Cl0p ransomware gang hacked one of its suppliers' MOVEit managed file transfer (MFT) servers (hosted outside TfL's systems) in May 2023. The Russian cybercriminals stole the contact details of approximately 13,000 customers, but the transport authority said that their banking details were not compromised.
"MOVEit is also used directly within TfL’s systems but this was not compromised," TfL added at the time.
TfL’s Structure
TfL is organized into three units that oversee London's surface, underground, and Crossrail (the Elizabeth line jointly managed with the UK's Transport Department) transportation systems, serving over 8.4 million city residents.
The Ongoing Situation
This is a developing story...