Transport for London (TfL), which oversees much of the public transport network in England's capital, is dealing with an ongoing "cyber security incident."
The organization confirmed the situation yesterday, stating: "We are currently dealing with an ongoing cyber security incident. The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems."
TfL is collaborating closely with relevant government agencies to address the attack and has promised to provide updates as the situation progresses.
In a statement to The Register, TfL's Chief Technology Officer, Shashi Verma, said: "We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident. Although we'll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised. There is currently no impact to TfL services and we are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident."
A spokesperson from the National Cyber Security Centre (NCSC) added: "We are working with Transport for London, alongside law enforcement partners, to fully understand the impact of an incident."
Reports indicate that backroom systems at TfL's corporate headquarters have been affected, prompting staff to work from home where possible. Andrew Brown, managing director and co-owner of software developer Propel Tech, noted that the targeting of backroom systems exposes vulnerabilities that could have severe consequences. He warned that a successful breach could disrupt services, potentially bringing London to a standstill, and could result in significant data breaches.
Brown also highlighted that the decision to have employees work remotely suggests there is still significant work to be done to resolve the issue. Notably, the sign-in page for Oyster and Contactless payments on the TfL network has been taken offline for maintenance, coinciding with the ongoing incident.