‘Transport for London’ Announced Ongoing Cyber Security Incident

• U.K. huge transportation network company Transport for London announced facing an ongoing cyberattack.
• Its services were not impacted, apparently, and efforts are invested in containing the security incident.
• While an investigation has started, no further details of the nature and scope of the breach have been disclosed.

Transport for London (TfL) is currently addressing an ongoing cybersecurity incident that has not impacted TfL's services. The company said no evidence of personal data breaches was found, including sensitive information such as banking details, and containing measures are applied.

TfL, which manages the city’s vast transportation network, confirmed in a recent statement that it is collaborating with key government agencies, including the National Crime Agency and the National Cyber Security Centre, to address the cyber threat. Specific details about the nature of the attack are not available at the moment.

The transportation company’s Chief Technology Officer announced a series of measures are in place to safeguard internal systems and prevent further unauthorized access, as TfL serves millions of residents daily across the underground, surface, and Crossrail (Elizabeth line) systems.

This incident follows a previous data breach in July 2023, when a third-party supplier’s MOVEit-managed file transfer server was compromised, affecting approximately 13,000 customers' contact details. However, TfL maintained that banking information was not compromised in that breach.

Cl0p ransomware claimed the massive 2023 MOVEit security incident, in which the group exploited the zero-day vulnerability (CVE-2023-34362) in the MOVEit Transfer managed file transfer (MFT) software. 

The actor gained access to files that contained names, dates of birth, Social Security numbers, bank account details, credit card data, driver's license numbers, and taxpayer identification numbers.

The largest Houston-area credit union, Texas Dow Employees Credit Union (TDECU), was one of the victims of the security incident and started notifying 500,474 customers who were affected.