Transport for London suffers ongoing cyber incident

3 Sep 2024

Image: © Dmitry Naumov/Stock.adobe.com

The transport company said there is no evidence that any customer data has been compromised.

Transport for London (TfL), the organisation responsible for most of the city’s transport, has reported it is dealing with “an ongoing cybersecurity incident”.

In a statement, TfL said that it is working closely with relevant government agencies to respond to the incident.

At the time of reporting, a spokesperson for TfL told SiliconRepublic.com that there continues to be “no impact to any TfL services and no evidence that any customer data has been compromised”.

Shashi Verma, TfL’s chief technology officer, said the company has introduced a number of measures to its internal systems to deal with the ongoing cyber incident.

“The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident. Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised,” he said.

“We are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident.”

According to the BBC, the incident has mainly affected the organisation’s backroom systems at the corporate headquarters.

Jake Moore, a global cybersecurity adviser at cybersecurity company ESET said while companies don’t always disclose cyberattacks that have not yet been seen to affect customers, “honesty is clearly TfL’s best policy”.

“Companies are required to notify customers when personal data is compromised but not if the matter remains an internal situation where customers are not affected,” he said.

“Large corporations often attempt their best to conceal any form of cyberattack. However, if an incident occurs that isn’t currently affecting operations, it is still best to keep customers and staff informed at the earliest possibility should the situation change.”

Protecting critical infrastructure

While it is not yet clear whether or not this cyber incident was a result of a malicious cyberattack, attention has been mounting on the need to protect the cybersecurity of critical national infrastructure (CNI).

In June of this year, London suffered from another cyber incident when a dangerous ransomware attack impacted multiple hospitals in the city, causing various procedures to be cancelled or redirected.

In the US, a ransomware attack hit UnitedHealth’s Change Healthcare business, which the company said cost $872m in the first quarter of 2024. More recently, US oil service company Halliburton was forced to shut down some of its systems after a cyberattack.

Spencer Starkey, executive VP of EMEA at cybersecurity company SonicWall, said that due to the importance of CNI, safeguarding it is “vital to maintain order and prevent potential disasters” caused by cyberattacks.

“The ramifications of an attack and ensuing outage on CNI can be disastrous and it’s important to place the utmost amount of time, money and efforts on securing them.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Jenny Darmody is the editor of Silicon Republic

editorial@siliconrepublic.com