UK: The expansion of pay-as-you-go contactless payment to 47 more c2c, London Northwestern Railway, Southeastern and South Western Railway stations has been put on hold because of the ongoing cybersecurity incident at Transport for London.
TfL is working with the Department for Transport and the Rail Delivery Group to reschedule the roll-out, which had been scheduled for September 22.
The train operators stressed that it is a TfL problem, and the matter is out of their hands.
‘While this is extremely unfortunate, we recognise that it is vitally important that all issues are fully and satisfactorily resolved by TfL before we move forward’, c2c Managing Director Rob Mullen said on September 12.
Customer data concerns
On September 1 TfL identified suspicious activity and took action to limit access to some online systems. These included journey history, live travel data and the photocard portal where people apply for travel concessions. Additional measures included an all-staff IT identity check.
An investigation was launched with the National Crime Agency and the National Cyber Security Centre. On September 12, NCA said a 17-year-old male had been arrested in Walsall on September 5 on suspicion of Computer Misuse Act offences in relation to the attack. He was questioned by NCA officers and bailed.
On September 6 TfL had insisted there was ‘no evidence that any customer data has been compromised’, but in an update on September 12 Chief Technology Officer Shashi Verma said ’the situation continues to evolve and our investigations have identified that certain customer data has been accessed’.
This includes some customer names and contact details, including e-mail addresses and home addresses where provided. Some Oyster smart card refund data may also have been accessed. This could include bank account numbers and sort codes for around 5 000 customers.
‘As a precautionary measure, we will be contacting these customers directly as soon as possible to advise them of the support we can provide and the steps they can take’, said Verma. ‘We have notified the Information Commissioner’s Office and are working at pace with our partners to progress the investigation. We will provide further updates as soon as possible.’