Go-Ahead, one of the UK’s biggest transport companies, has said it is managing a cyber-attack that has affected software used to schedule bus drivers and services.
The company, an important provider of UK bus services and London’s biggest operator, said it became aware of a fault on its server late on Sunday and was working hard to keep buses running without disruption.
The issues became more widespread on Monday, affecting several back office systems, including bus services and payroll software.
Go-Ahead said it was working with IBM to activate backup systems to ensure its bus services can keep running. The cyber-attack does not affect its rail business, which runs on separate systems and is operating normally in the UK and abroad.
A spokesperson said: “We’re doing everything possible to ensure services continue without interruption but if services are affected we’ll inform our customers using social media.”
The company later said in a statement: “Go-Ahead’s bus companies are operating a normal service today in spite of the cybersecurity incident. Although certain technology functions are unavailable, backup procedures have been put in place and buses are running as usual. We are confident of operating a comprehensive service tomorrow.”
Go-Ahead runs Great Northern, Thameslink, Gatwick Express and Southern rail and also operates rail services in Norway and Germany. It runs nearly a quarter of London’s buses as well as bus services in southern and eastern England, and also has bus contracts in Singapore, Sweden and Ireland.
The company has informed regulators of the attack, including the Information Commissioner’s Office in the UK.
In June, Go-Ahead accepted a £650m takeover offer from a consortium of the Australian bus operator Kinetic and the infrastructure specialist Globalvia. It is the latest British transport company to become a takeover target, along with Stagecoach and FirstGroup. The deal is expected to be completed in October after shareholders voted last month to accept the terms.
Cyber-attacks on governments, companies and other organisations have multiplied in recent years. Doctors have been forced to take care notes with pen and paper after a recent cyber-attack on an NHS supplier, the software and services provider Advanced.
Two years ago, easyJet admitted the personal information of 9 million customers was accessed in a “highly sophisticated” cyber-attack on the airline, one of the biggest to affect any company in the UK.
British Airways was told in July 2019 that it faced a fine of £183m after hackers stole the personal information of half a million customers. In the same month, the hotels group Marriott was warned it could be fined £99.2m for a breach that exposed the data of 339 million customers worldwide. The actual fines given out the following year were £20m and £18.4m respectively. Banks and telecoms companies have also been hacked in recent years.
• This article was amended on 6 September 2022. An earlier version said that British Airways and Marriott were fined £183m and £99.2m respectively in 2019. These were proposed amounts; the actual fines handed down by the Information Commissioner’s Office, in 2020, were £20m and £18.4m.