Wi-Fi blocked at major UK train stations after 'cybersecurity incident' | UK news

Following a “cybersecurity incident,” Wi-Fi networks have been blocked at several train stations across the UK.

Wi-Fi service was blocked in 19 train stations, including London Euston, Manchester Piccadilly and Birmingham New Street, on Wednesday evening following the incident. The service was still unavailable on Thursday morning.

The Manchester Evening News reported that passengers using the Wi-Fi at Piccadilly station were redirected to a website called “We love you, Europe,” which contained anti-Islam messages and details of several terrorist attacks that have taken place in the UK and Europe.

A Network Rail spokesperson said: “We are currently dealing with a cybersecurity incident affecting public Wi-Fi at stations managed by Network Rail. This service is provided via a third party provider and has been suspended while the investigation is ongoing.”

A British Transport Police spokesman said: “We are aware of a cyber-attack affecting some Network Rail Wi-Fi services, which was reported to us at around 5.03pm today (25 September). We are working with Network Rail to investigate the incident.”

Telent, the company that provides Wi-Fi services to Network Rail, confirmed to the BBC that it was aware of the “security incident” and was “investigating with Network Rail and other stakeholders”.

In London, ten major railway stations were affected: King's Cross, London Bridge, Euston, Victoria, Cannon Street, Charing Cross, Liverpool Street, Clapham Junction, Waterloo and Paddington.

The stations also affected were Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Glasgow Central, Leeds City, Bristol Temple Meads, Edinburgh Waverley, Reading and Guildford.

Earlier this month, Transport for London was the target of a cyberattack that may have stolen the data of thousands of customers.

While TfL services continued as normal and were not directly affected, the company restricted access to live journey data provided to travel apps such as Citymapper and TfL Go, as well as some other customer services including journey history and photocard registration, while it dealt with the data breach.

A teenager from Walsall has been arrested in connection with the TfL hack.

The National Crime Agency (NCA) said a 17-year-old man was arrested on suspicion of breaches of the Computer Misuse Act 1990 in connection with the attack on TfL's systems on September 1. The teenager was arrested last week and released on bail after being questioned by NCA officers.

TfL said it had contacted around 5,000 customers as a precaution to warn them that their email and bank account details may have been accessed – apparently those who had requested refunds for journeys made using Oyster cards.

On Monday, a TfL spokesman said no date had been set for when passenger journey and live travel data would be accessible again. He added: “We can reassure customers that once the data is available, they will be able to see their full journey history and correct any incomplete journeys or maximum fares.”