Cyberattack on London transport: 17-year-old boy arrested

A 17-year-old boy has been arrested in connection with the cybersecurity incident at Transport for London (TfL), the National Crime Agency (NCA) said.

TfL said an “ongoing cybersecurity incident” had allowed hackers to access sort codes and bank account details of around 5,000 customers.

The NCA said the teenager was arrested in Walsall, West Midlands. on September 5, after the cyberattack began four days earlier.

TfL said data including names, emails and home addresses had been accessed.

The NCA said the teenager was arrested on suspicion of breaching the Computer Misuse Act.

He was questioned by NCA officers and has since been released on bail.

The NCA said it was working with TfL and the National Cyber ​​Security Centre (NCSC) to minimise the risk to customers.

Paul Foster, head of the NCA's National Cyber ​​Crime Unit, said: “Attacks like this on public infrastructure can be hugely disruptive and have serious consequences for local communities and national systems.”

He added: “We have been working hard to support Transport for London following a cyber-attack on their network and to identify the criminals responsible.

“TfL’s rapid response following the incident enabled us to act swiftly and we are grateful for their continued co-operation in our investigation, which is ongoing.”

Shashi Verma, TfL's chief technology officer, said affected customers would be contacted directly.

He added: Together with the NCA and the NCSC, we are conducting an investigation into the cyber attack.

“While there has been very little impact to our customers so far, the situation is evolving and our investigations have revealed that certain customer data has been accessed,” he said.

“This includes some customer names and contact details, including email addresses and home addresses where provided.”

“Some Oyster card refund data may also have been accessed. This could include bank account numbers and sort codes for a limited number of customers.

“As a precautionary measure, we will contact these customers directly as soon as possible to inform them of the support we offer and the steps they can take.”

Mr Verma added that the “security” of its systems and customer data was “very important” to TfL.

“We continuously monitor who accesses our systems to ensure that only authorized people have access,” he said.

“We will continue to keep our customers and our employees updated.

“I would like to apologize for any inconvenience this incident may cause customers and thank everyone for their patience while we respond to this incident.”

The NCSC urges anyone who believes they have been the victim of a data breach to be alert to any suspicious emails, phone calls or text messages.