Transport for London (TfL) staff have reportedly been asked to consider working from home on Tuesday as the transport body faces an ongoing cyber attack.
The organisation’s corporate headquarters at Palestra House, Southwark, is thought to be the main location affected.
TfL has scrambled experts to deal with the attack and the National Crime Agency (NCA) is investigating the breach, but early indications suggest no customer data has been accessed.There has been no impact on London’s transport network.
Employees have been told to work from home if that makes it easier to carry out their roles amid measures put in place in offices, the PA news agency reports.
In a statement on Monday night, TfL’s chief technology officer Shashi Verma said: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident.
“The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.
“Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised.
“There is currently no impact on TfL services, and we are working closely with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to respond to the incident.”
A spokesperson for the NCA said: “We are aware of a cyber security incident involving Transport for London, and are working closely with the National Cyber Security Centre and with TfL itself to respond to it.
“The investigation is ongoing, and we are unable to comment further.”
William Wright, chief executive of cybersecurity company Closed Door Security, said: “The big question people will also want to know is who carried out the attack and if it can be attributed to another country, like Russia.
“TfL was also attacked by Russia last year, so it definitely isn’t out of the realms of possibility.
“Furthermore, given Russia’s recent uptick in attacks on the West, it wouldn’t be surprising, but it is far too early to speculate.”
TfL was targeted by Russian hackers in June last year as part of a wider raid that saw personal information stolen.
In the summer a cyber attack led to more than 10,000 NHS appointments being cancelled.
In 2020, Hackney Council was targeted by cyber criminals who gained access to 440,000 files that reportedly included residents’ “deeply personal information”, affecting at least 280,000 people.
TfL has been approached by the Standard.
