iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Last week’s Transport for London (TfL) cyber attack continues to develop as staff now have limited access to the agency’s systems.
Despite last week saying that there had been “no impact” on its services, until days later when it announced that its Dial-a-Ride service for disabled passengers had been affected, TfL has now implemented measures that have limited staff access to email and systems.
“Many of our staff have limited access to systems and email, and, as a result, we may be delayed or unable to respond to your query or any webforms previously submitted,” said TfL.
The transport agency announced on Friday (6 September) that while public transport was “operating as usual”, other aspects of its services had been impacted.
For starters, applications for new Oyster photocards have been suspended, and contactless customers are unable to see their journey history.
Additionally, contactless customers are unable to receive refunds, and those using Oyster cards will need to “self-serve online”.
Finally, digital channels like the TfL Go app and the website do not display live Tube arrival information.
While not mentioned, those using apps such as Citymapper to plan their trips reported last week that they were having issues, with train times and other data not loading.
TfL continues to provide little information on the incident, failing to reveal the nature of the incident or name the threat actor behind it.
TfL was affected by the major MOVEit supply chain attack last year, orchestrated by the Russian Clop ransomware gang.
While the company confirmed that its own systems were not compromised, it said that the contact detail data of roughly 13,000 customers was exfiltrated by the threat actors. Banking information was not compromised.
Be the first to hear the latest developments in the cyber industry.
