The National Crime Agency (NCA) has announced the arrest of a teenager as part of its investigation into a cyber security incident involving Transport for London (TfL). The 17-year-old male was taken into custody on September 5, suspected of offenses under the Computer Misuse Act related to the cyber attack that occurred on September 1.
Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, stated, “We have been working rapidly to support Transport for London following the cyber attack on their network, aiming to identify the individuals responsible.” He emphasized that the incident targeted public infrastructure and highlighted its potential for significant disruption. Foster acknowledged TfL’s prompt response, which facilitated swift action, and expressed gratitude for their ongoing cooperation in the investigation, which is still underway.
TfL initially reported experiencing an “ongoing cyber security incident” on September 1. As a result, the organization temporarily suspended the Dial-a-Ride service for disabled passengers during the attack.
While TfL had initially found no evidence of customer data compromise, a more detailed investigation has revealed that some customer data was indeed accessed during the incident, leading TfL to notify the Information Commissioner’s Office. Shashi Verma, TfL’s Chief Technology Officer, stated, “Although the impact on our customers has been minimal so far, the situation is evolving, and our findings indicate that specific customer data has been accessed.” This data includes names and contact information (such as email and home addresses), as well as potential access to some Oyster card refund data, which may involve bank account details for a limited number of customers. TfL plans to directly contact these customers to inform them of available support and necessary steps.
Verma also noted, “We have notified the Information Commissioner’s Office and are actively collaborating with our partners to move forward with the investigation,” promising further updates as they become available.
In light of the incident, TfL has implemented new IT security protocols to protect all critical systems and processes. As a result of these measures, the rollout of contactless payment across 47 additional stations has been delayed. Verma explained, “Due to the security measures we are implementing, we cannot make the necessary system adjustments to enable contactless pay-as-you-go services at these stations as planned on September 22.”