Transport for London (TfL), which manages the capital’s public transport network, is now dealing with the impact of a severe cyberattack that has caused major disruption to its services.
On Monday, September 2, Transport for London experienced a sophisticated cyberattack targeting its IT systems. The breach primarily affected the website and multiple internal systems, causing temporary disruptions to service information and ticketing operations.
The transport authority promptly reported the incident to relevant government agencies, including the National Cyber Security Centre and the National Crime Agency. An investigation is ongoing, but there is no evidence so far that customer information was compromised.
“Many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query or any webforms previously submitted. We are currently unable to issue refunds for journeys made using contactless cards, and Oyster customers will have to self-serve online.”
Passenger Confusion Rises as TfL Works to Restore Online Services After Cyberattack
The absence of real-time travel updates has confused customers, even though the attack did not affect subway, bus, or rail services. TfL has informed the public that critical safety systems, such as train operations and signalling, are safe and unaffected.
Some live travel data, such as train arrival times and TfL JamCams, is missing from certain platforms like the official website and TfL Go app. However, journey planning and in-station information are still available.
Transport for London has paused applications for Oyster photocards, including Zip cards. Additionally, pay-as-you-go contactless users are no longer able to access their travel history online.
We apologise for any inconvenience these temporary changes may cause,” said TfL’s Chief Technology Officer, Shashi Verma. “We are working to restore these services as quickly as possible.
Customer Notification from TfL Regarding Cyberattack (Transport for London)
Preliminary investigations indicate that the personal data of TfL account holders may have been compromised. TfL is currently investigating the scope of the incident and is recommending that consumers monitor their accounts for any unusual activity. Those affected will be informed individually and advised on how to take preventative steps.
In a few days, all call centre services should be restored. For now, only essential reservations can be made over the phone. TfL confirmed that the incident has not affected public transport services and that the transport network in London is functioning normally despite the disruptions.
This isn’t TfL’s first cyber challenge. In July 2023, the company revealed that the Cl0p ransomware group got the contact information of around 13,000 customers by accessing a supplier’s MOVEit managed file transfer (MFT) server in May 2023.
Reducing an organisation’s susceptibility to a successful attack should be at the forefront of any cyber-risk decision making as we move into this next phase of attack sophistication and complexity.
Continuously phishing and security awareness training is an important aspect to helping satisfy the first side of the information security triangle, which consists of “people,” “process,” and “technology”.
We use cookies to improve your experience whilst using our website. We'll assume you're ok with this, but you can opt-out if you wish. Read MoreCookie settingsACCEPT
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
