Boy, 17, arrested after Transport for London hit by ‘hugely disruptive’ cyber attack
A 17-YEAR-OLD boy has been arrested in connection with a cyber security attack on Transport for London.
The teen was arrested in Walsall, on suspicion of Computer Misuse Act offences, in relation to the TfL hit on September 1.
The boy was questioned by National Crime Agency officers and has since been bailed.
TfL launched an urgent probe into the cyber attack, alongside the NCA.
It was revealed some customer names and contact details had been compromised.
Some Oyster card refund data may also have been accessed, which could include bank account details.
Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible.
“Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems.
“The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing.
“The NCA leads the UK’s response to cybercrime. We work closely with partners to protect the public by ensuring cyber criminals cannot act with impunity, whether that be by bringing them before the courts or through other disruptive and preventative action.”
TfL also issued an update today which read: “Although there has been very little impact on our customers so far, the situation is evolving and our investigations have identified that certain customer data has been accessed.
“This includes some customer names and contact details, including email addresses and home addresses where provided.
“Some Oyster card refund data may have also been accessed. This could include bank account numbers and sort codes for a limited number of customers (around 5,000).
“If you are affected, we will contact you directly as soon as possible as a precautionary measure, and will offer you support and guidance.”
It comes after TfL warned they were “dealing with cyber attack” and the National Crime Agency has launched a probe earlier this month.
TfL urgently enlisted help from tech experts to figure out the cause of the breach.
A warning message sent by the TfL Customer Information Team read: “We are currently dealing with an ongoing cyber security incident. At present there is no evidence that any customer data has been compromised and there has been no impact on TfL services.
“The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems.
“We are working closely with the relevant government agencies to respond to the incident.
“You can get the latest information on our website. We will update you further when the incident has been resolved.”
Shashi Verma, TfL’s Chief Technology Officer, added: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident.
“The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.
“Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised.
“There is currently no impact to TfL services and we are working closely with the National Crime Agency and the National Cyber Security Centre to respond to the incident.”