A man has been arrested after London’s biggest train stations had their Wi-Fi networks hacked by a cyber-attack displaying Islamophobic messages, police said.
Officers are investigating after the attack on internet services at 19 stations across the UK managed by the Network Rail.
On Thursday evening, the British Transport Police said a male employee of Global Reach, the company that provides wifi services to Network Rail, had been arrested on suspicion of offences under the Computer Misuse Act 1990 and the Malicious Communications Act 1988.
A spokesperson said: “Officers received reports just after 5pm yesterday of a breach of some Network Rail wifi services at railway stations which were displaying Islamophobic messaging.
"The abuse of access was restricted to the defacement of the splash pages, and no personal data is known to have been affected."
People logging onto the Wi-Fi saw a webpage containing details of terrorist incidents in the UK and abroad.
Wi-Fi services at the affected stations were suspended on Wednesday night and were still down on Thursday morning.
Ten stations in London were affected by the hack.
They are: Euston, Victoria, King’s Cross, London Bridge, Cannon Street, Charing Cross, Liverpool Street, Paddington, Clapham Junction and Waterloo.
Other stations targeted by the hack include Manchester Piccadilly, Birmingham New Street, Glasgow Central, Leeds City, Liverpool Lime Street, Bristol Temple Meads, Edinburgh Waverley, Reading, and Guildford.
A Network Rail spokesperson said on Thursday: “Last night the public Wi-Fi at 19 of Network Rail's managed stations was subjected to a cyber security incident and was quickly taken off-line. The incident is subject to a full investigation.
“The Wi-Fi is provided by a third party, is self-contained and is a simple 'click & connect' service that doesn’t collect any personal data. Once our final security checks have been completed we anticipate the service will be restored by the weekend."
A spokesperson for Telent, the third party which provides the Wi-Fi for Network Rail, said: “Following the incident affecting the public Wi-Fi at Network Rail’s managed stations, Telent have been working with Network Rail and other stakeholders.”
A National Crime Agency spokesperson said: “We are aware of an incident impacting Network Rail which is being investigated by British Transport Police. National Crime Agency officers are working alongside partners in the NCSC and BTP to provide support to the victim.”
The hack was understood to have potentially exposed the bank account details of about 5,000 passengers - either via activity on their Oyster card account or refund data. This includes account numbers and sort codes.
A 17-year-old male was arrested on September 5 on suspicion of Computer Misuse Act offences in relation to the attack and bailed.
