Transport for London (TFL) has issued a notice informing Londoners that hackers have made their way into the transport system’s IT network, but took no customer data - only inflicting minor setbacks.
“We are currently dealing with an ongoing cyber security incident,” reads the cybersecurity incident notice, posted on the TFL.gov.uk site. “At present, there is no evidence that any customer data has been compromised and there has been no impact on public transport services.”
“The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems,” the statement continues. “We are working closely with the relevant government agencies to respond to the incident.”
While most of the public transport network is expected to keep operating as usual, TFL took some “proactive efforts” to protect the integrity of its services and data.
These efforts mean that:
● Live Tube arrival information is not available on some digital channels
● Applications for Oyster photocards, including Zip cards, have been temporarily suspended
● Pay-as-you-go contactless customers will be temporarily unable to access their online journey history
● Refunds for journeys made using contactless cards are unavailable
● Oyster customers will have to self-serve online
● Staff have limited access to systems and email, meaning communications may be delayed or unavailable for now
In a statement shared with BleepingComputer, TFL’s chief technology officer, Shashi Verma, emphasized TFL’s position on this incident saying “customer data is very important to us.”
So far there is no indication that the attackers stole any data from TFL’s servers. However, it’s not out of the question that some data may leak as a result of this breach, as is often the case with ransomware attacks - if this turns out to be one.
If you’re a TFL customer, watch out for unsolicited communications asking for your input - such as to confirm a login or instructions to share personal information. Fraudsters typically leverage data stolen in breaches to conduct socially engineered attacks on netizens.
Anyone affected by a data breach should consider a data monitoring service. Bitdefender Digital Identity Protection lets you find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is for sale on the dark web.
Bitdefender recently published two straightforward guides on how to exercise good cybersecurity hygiene to combat the rising tide of socially crafted scams targeting regular folk.
Read: Make It Hard for Scammers to Get You! Use These Seven Vital Tips
Read: Got a Strange Text? 5 Signs That You’re Being Scammed (and How to Protect Yourself)
Consider using Scamio if you're suspicious of a certain phone call, email or SMS. Scamio provides a fast and efficient way to find out if you’re being conned. Simply describe the situation to our clever chatbot and let it guide you to safety. You can share with Scamio the exact thing you want to check: a screenshot, PDF, QR code or link. Scamio lets you know in seconds if it’s a scam. Use it anywhere via web browser, Facebook Messenger, or WhatsApp. Scamio is localized for use in the US, France, Germany, Spain, Italy, Romania, Australia and the UK.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsNovember 14, 2024
September 06, 2024