Transport for London reports ‘staff have limited access to systems’ following cyber incident


The capital’s transport authority has revealed that it has seemingly been hit with an attack, but that it has not uncovered ‘any evidence that any customer data has been compromised’

Transport for London is “dealing with an ongoing cybersecurity incident” that has prevented staff from accessing IT systems and impacted citizens wishing to use the capital’s Dial-a-Ride service.

The public transport authority revealed yesterday that it had discovered the incident which – despite media reports using the term – TfL itself has not yet described as an attack. In a statement, the organisation added that “at present, there is no evidence that any customer data has been compromised”.

The announcement also claimed that “there has been no impact on TfL services”.

But the authority’s website reveals that the Dial-a-Ride service – which provides community door-to-door transport for Londoners with disabilities that prevent them from using buses and trains – has been disrupted. The site said that the service is currently “unable to process any new booking requests” as a result of the “ongoing TfL-wide security incident”.


Related content


“In addition, many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query,” the service update added.

This statement echoes news reports of workers being shut out of IT platforms, and being asked to work from home, if possible.

In the meantime, TfL said that “the security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems”.

“We are working closely with the relevant government agencies to respond to the incident,” it added. “We will update you further when the incident has been resolved.”

TfL chief technology officer Shashi Verma said that the organisation still “needs to complete our full assessment”. Response to the incident is being supported by the National Cyber Security Centre and the National Crime Agency, he added.

The NCSC confirmed that it is “working with Transport for London, alongside law-enforcement partners, to fully understand the impact of an incident”.

Sam Trendall

Learn More →

Leave a Reply

Your email address will not be published. Required fields are marked *