Attack On Transport For London Exposed Passenger Bank Details

Uploaded on 2024-09-17 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Transport & Travel, TECHNOLOGY--Hackers

The recent cyber attack on Transport for London (TfL) is much worse than first thought. TfL has now said. This comes after it was revealed a teenager had been arrested in connection with the hack. 

Names and phone numbers of passengers are thought to have been obtained, including some personal data from Oyster cards and Contactless bank cards used to make journeys on the capital’s public transport network and 30,000 employees' passwords will need to be reset via in-person appointments.

The hack is understood to have potentially exposed the bank account details of about 5,000 passengers, either via activity on their Oyster card account or refund data. This includes account numbers and sort codes.

In addition, an unknown number of passengers who had signed up to TfL email alerts and are thought to have  had their name, home address or email account exposed. TfL will contact the affected customers and it  is taking immediate measures to improve online security.

In the latest development, the UK National Crime Agency (NCA) has said that a 17-year-old male has been arrested on suspicion of offences in relation to the Computer Misuse Act. The teenager, who was arrested in Walsall on 5 September and has been questioned by NCA officers and released on  bail. 

This cyber attack has wider implications for the roll-out of contactless train travel outside London. TfL has been fitting contactless ticket barriers to about 100 stations and this has now been paused. 

While the network continues to run, parts of the TfL IT infrastructure are offline. Live tube arrival information isn't available, applications for new Oyster photocards have been suspended, and refunds for incomplete pay-as-you-go journeys made using contactless and the rail staff have limited access to systems.

NCA   |   Standard   |   CityAM   |    Yahoo   |    Southwark News   |    Register   |    

Image: Ben Wicks

You Might Also Read: 

Electric Vehicle Charging Stations Are Here - Will Cyberattacks Follow?:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Who Are The Top 10 Cyber Security Companies? [extract]
Which US States Are Most At Risk From Cyber Attacks?  »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

Visual Guard

Visual Guard

Visual Guard is a modular solution covering most application security requirements, from application-level security systems to Corporate Identity and Access Management Solutions.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

authUSB

authUSB

authUSB Safe Door is a tool that provides secure access to the content of USB devices that circulate in organizations.

TechDemocracy

TechDemocracy

TechDemocracy are a trusted, global cyber risk assurance solutions provider whose DNA is rooted in cyber advisory, managed and implementation services.

Sentinel

Sentinel

Sentinel works with governments, media and defence agencies to help protect democracies from disinformation campaigns by developing a state-of-the-art AI detection platform.

LogicalTrust

LogicalTrust

LogicalTrust security testing specialists find the weakest points in your company and show you how to fix them step-by-step, as well as how to improve your security.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

Cybrella

Cybrella

Cybrella offers professional cybersecurity services for small to medium sized businesses and to larger enterprises looking to expand their cybersecurity capabilities.

Celcom

Celcom

Celcom is the oldest mobile telecommunications provider in Malaysia, providing solutions and services to consumers and businesses.

CloudWave

CloudWave

CloudWave, the expert in healthcare data security, provides cloud, cybersecurity, and managed services to healthcare organizations.

Dexian

Dexian

Dexian is a leading provider of staffing, IT, and workforce solutions with nearly 12,000 employees and 70 locations worldwide.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.

Forsyte IT Solutions

Forsyte IT Solutions

Forsyte Guardian 365 provides 24x7x365 personalized protection to keep your most valuable assets safe.

Bumi Optimus

Bumi Optimus

Bumi Optimus aims to be in the forefront of the digital industry with technologies such as AI, Data Science, Mixed Reality, Blockchain, Cybersecurity and Cloud Computing.