TfL has been hit by a cyber attack that has shut down some of its live travel systems, services and accessed a limited number of Oyster Card customer’s bank details.
After identifying suspicious activity on Sunday 1 September, TfL took action to limit access.
Some Oyster card refund data may have been accessed which could include bank account numbers and sort codes for a limited number of customers (around 5,000).
TfL are now conducting a thorough investigation into the incident, alongside the National Crime Agency and the National Cyber Security Centre.
The proactive measures mean that:
- Live Tube arrival information is not available on some digital channels, including TfL Go and the TfL website. In-station and journey planning information is still available
- Applications for new Oyster photocards, including Zip cards, have been temporarily suspended
- If you travel using a contactless payment card, you won’t be able to access your online journey history
- TfL are unable to issue refunds for incomplete pay as you go journeys made using contactless, so always remember to touch in and out. Oyster customers can self-serve online
- TfL staff have limited access to data systems and, as a result, there will be some delays responding to any online enquiries
TfL has announced that it will keep the public updated as the investigation develops or if any of its downed services come back online.
Achievements and innovations in connectivity will be celebrated at the third annual CiTTi Awards, which will be held on 26 November 2024 at De Vere Grand Connaught Rooms in London. Nominations are open now! Please visit www.cittiawards.co.uk to learn more about this unmissable event for the UK’s transportation sector
