close
close

Transport for London outages extend into weekend after cyber attack

Posted on by angelo
Transport for London outages extend into weekend after cyber attack

Transport for London, the government agency that oversees the British capital’s public transport system, said it was experiencing online outages due to an “ongoing cybersecurity incident” that is expected to last through the weekend.

TfL, which runs the London Underground (known as the Tube), buses and trams across London, said that while the city’s public transport system is “operating as usual”, several customer-facing systems are offline, including some ticketing systems and its online real-time information on Tube arrivals.

Details of the incident remain scarce. TfL disclosed the cyberattack on September 2 and said it had taken steps to “prevent further access to its systems.”

In a brief update on its website on Friday, TfL said it had no evidence that customer data had been compromised in the cyberattack.

TfL spokeswoman Princess Mills declined to answer specific questions from TechCrunch about the incident, including what evidence, such as logs, the organization has to determine whether data was stolen. TfL also declined to make the official who oversees cybersecurity available for an interview.

In a brief statement attributed to TfL’s chief technical officer, Shashi Verma, the transport network confirmed it had “identified suspicious activity on Sunday and taken steps to limit access”.

According to Friday’s cyber incident page, TfL said: “Many of our employees have limited access to systems and emails and as a result we may be delayed or unable to respond to your request or any previously submitted web forms.”

According to sources speaking to BBC News, TfL employees have been asked to work from home as many of the organisation’s back-office systems at its head office are affected.

A TechCrunch study of TfL’s public web infrastructure shows that much of the organisation’s systems are either offline or have been blocked from accessing the public internet, likely in an attempt to isolate intruders and prevent further access.

At the time of writing, TechCrunch found that several TfL systems, including its employee login portal, were still accessible from the internet.

Updated with post-publication comments from TfL.