Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
National
Noah Vickers

TfL cyber attack: Independent review will examine huge hack and response

Transport for London was hit by a cyber attack on August 31, with impacts felt in the weeks and months that followed - (PA Archive)

An independent investigation will be held into the cyber attack which hit Transport for London (TfL), and how the organisation responded to it.

The effects of the cyber attack, which targeted TfL on August 31, have been felt over several weeks and months, and the transport authority has only recently re-opened applications for new Oyster photocards.

It had suspended applications as a precautionary measure while the organisation undertook security checks to “reduce the risk of further attacks”.

While TfL has stressed that the incident did not, for the most part, “disrupt our core operations”, papers published on Tuesday night ahead of its next board meeting reveal that an “independent review” will be held to look at how it handled the attack.

“Given the nature and scale of the cyber incident, an independent review will be conducted to consider the circumstances surrounding the incident and the impact, our response to the incident, and whether further improvements are needed to our cyber security strategy, taking into consideration existing initiatives that are in progress,” the papers state.

“As the cyber incident is ongoing and the subject of a criminal investigation by the NCA [National Crime Agency], the review may be undertaken in phases. The review will be overseen by members of our Board.”

The papers add: “We are continuing to work with the NCA and NCSC [National Cyber Security Centre] to conduct a thorough investigation into the incident and the NCA has confirmed that one arrest has been made to date.

“Partners (including the NCSC, NCA and Microsoft) have stated their view that we responded well to the incident and disrupted the attack to some extent, potentially preventing a far worse outcome.

“Our investigations identified that some limited customer data had been accessed. We contacted around 5,000 customers whose bank account details were accessed as a precautionary measure to offer them support and guidance.”

At a meeting of the London Assembly’s oversight committee on Wednesday, TfL’s chief technology officer, Shashi Verma, provided an update on the re-opening of Oyster photocard applications.

He said: “We’re working to process all applications as quickly as possible and have already processed and dispatched more than 30,000 18+ Oyster student photocards, more than 10,000 60+ Oyster photocards and nearly 600 Apprentice photocards since the applications reopened.

“Once new photocards have been applied for, where possible, credit remaining on expired Oyster photocards can be transferred across to new photocards by contacting our customer services team.

“Customers are also advised to keep a record of any fares that they should be refunded. We’re beginning to work through our refunds for some of our customers, and are working in a priority order, starting with the oldest cases first.”

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.