UPDATE : 07/09/2024

So far, an ongoing investigation has yet to discover evidence that customer information was compromised during the incident.

“Many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query or any webforms previously submitted,” TfL said in a Friday update.

“We are currently unable to issue refunds for journeys made using contactless cards, and Oyster customers will have to self-serve online.”

While in-station and journey planning information remains accessible, Transport for London said some live travel data (including train arrival information and TfL JamCams) is unavailable on some platforms, like the official website and the TfL Go app.

TfL has also suspended applications for Oyster photocards, including Zip cards, and pay-as-you-go contactless customers can no longer view their online journey history.

—————————————————————————————————————————————————————

Transport for London (TfL), the city’s transport authority, is looking into a hacking incidence quite recently discovered, the extent of which has not affected services up to now.

TfL went on to assure that, given the present moment, the information concerning each client’s data has not been thrown out of the window.

“A still unfolding cyber security incident is being handled,” advised an email by the TfL’s Customer Information Team to customers this morning, to be confirmed by statements posted online.

“There’s currently no information that we have lost any records of customer information, and services offered by and large for LTfL, continue to operate.”

The incident has been reported to the National Crime Agency and the National Cyber Security Centre, and so the agency is keeping headache to deal with the situation so that all damage is not on hand.

“Our chief concern is the protection of our systems and the customers’ data, this is the reason why we moved swiftly to make sure that any further breaches do not happen,” the agency said in a statement.

“We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident,”
TfL’s chief technology officer Shashi Verma said in a statement to the BBC.

TfL also confirmed a previous incident from July, where the Cl0p ransomware group breached a MOVEit managed file transfer (MFT) server belonging to one of its suppliers in May 2023. This breach, which occurred outside of TfL’s systems, resulted in the theft of contact details for approximately 13,000 customers. However, banking details were not compromised.

TfL noted that while MOVEit is also used within its own systems, those systems were not affected in the breach.

TfL oversees London’s surface transport, underground, and Crossrail (the Elizabeth line, managed jointly with the UK’s Transport Department), serving over 8.4 million residents.