Transport for London, town’s public transportation company, revealed at present that its workers has restricted entry to methods and e-mail because of measures carried out in response to a Sunday cyberattack.
On Monday, the transport authority reported the incident to related authorities businesses (together with the Nationwide Cyber Security Centre and the Nationwide Crime Company). It’s now working with them to reply, assess, and include the assault’s influence.
Thus far, an ongoing investigation has but to find proof that buyer info was compromised in the course of the incident.
“Many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query or any webforms previously submitted,” TfL stated in a Friday replace.
“We are currently unable to issue refunds for journeys made using contactless cards, and Oyster customers will have to self-serve online.”
Whereas in-station and journey planning info stays accessible, Transport for London stated some dwell journey knowledge (together with prepare arrival info and TfL JamCams) is unavailable on some platforms, just like the official web site and the TfL Go app.
TfL has additionally suspended purposes for Oyster photocards, together with Zip playing cards, and pay-as-you-go contactless clients can now not view their on-line journey historical past.
“We apologise for any inconvenience that these temporary changes will cause to some customers and are working to bring these back online as quickly as possible,” TfL’s Chief Expertise Officer Shashi Verma stated in a press release shared with BleepingComputer.
Earlier this week, the Dial-a-Experience reserving system was briefly unavailable because of inner measures taken to take care of the cyberattack. Nonetheless, based on Verma, present bookings have been nonetheless honored.
Important bookings can now be made by telephone, and full name middle providers are anticipated to renew over the approaching days.
Regardless of the disruptions, TfL said that London’s transport community is working “as usual” and that the cyberattack has not affected public transport providers.
“The security of our systems and customer data is very important to us. We continually monitor who is accessing our systems to ensure only those authorised can gain access. We identified some suspicious activity on Sunday and took action to limit access,” Verma added.
TfL offers transportation providers to over 8.4 million metropolis residents by London’s floor, underground, and Crossrail (the Elizabeth line, collectively managed with the UK’s Transport Division) transport methods.
In July 2023, the transport company additionally confirmed that the Cl0p ransomware gang stole the contact particulars of roughly 13,000 clients after hacking one in all its suppliers’ MOVEit managed file switch (MFT) servers (hosted outdoors TfL’s methods) in Could 2023.
