Transport for London, the governmental body tasked with running the capital's transit system, is battling a cyberattack that has stretched into a second week. The backbone of the transit operations remains intact and fully functional; however, many of TfL's online services and digital customer platforms are still down, an indicator of the severity of the situation.
TfL Confirms Ongoing Cyber Incident
An update was published on the website of TfL on October 14th with regard to the cyber incident. It confirmed that a cyber incident was "still being worked on." This came to replace its previous statement that there is "no evidence" the customer data has been breached. Now it is worded as "working to secure our systems and your data", which sends menaces of data breaches.
The uncertainty about whether or not customer data is safe has grown since TfL took back the earlier assertion of no compromise of data. To explain whether they have the technical capability-including log analysis-to determine if customer or employee data has been stolen or exfiltrated during the attack, TechCrunch reached out to TfL. However, TfL spokesperson Thomas Canning dodged these questions. Although TfL confirmed the update to the website, it is not known if the attackers have accessed any kind of information related to customers or employees.
Customer Concerns and Impact on Digital Services
While the cyberattack did not directly impact the transit system, the extended unavailability of online services has caused a great deal of inconvenience to users. Many key digital capabilities remain unavailable, and there is concern about possible long-term impacts on the way customers interact with the transit agency. In fact, TfL has successfully reassured the public that their top priority now is the resolution of this issue and protection of their digital infrastructure against such incidents in the future.
What's in Store for TfL?
Since the cyber-attack is continuous, questions such as the extent of the breach and whether sensitive data has been pilfered are left unanswered. While TfL tries to suppress the situation, until the full breadth of the incident is clarified, a likelihood exists that public trust in protection against leakages of personal data will be put on the agenda.
This indicates the nature of the risk that public organisations face when confronted with sophisticated cyber threats and how such occurrences can be better avoided in the future through more effective cybersecurity measures.
Preventative Measures and Security Focus
This will perhaps shape future policy at TfL around cybersecurity issues, with better protection for customer data and not allowing such an attack to take place in the future. While recuperation of affected digital services takes place, any perceived opacity or lack of clear communication about what happened may hamper efforts to restore confidence in the security of customers' personal information.
This is a still-ongoing incident that serves as a good reminder that organisations all over the world should be very aware and proactive with respect to cybersecurity, constantly reevaluating defenses to minimise the threat, which always seems to be growing.
