Transport for London outages drag into weekend after cyberattack

Transport for London, the government body overseeing the U.K. capital’s public transit system, said it is experiencing online outages due to an “ongoing cyber security incident” set to drag into the weekend. 

TfL, which runs the London Underground (known as the Tube), buses and trams across London, said that while the city’s public transit system is “operating as usual,” several customer-facing systems are offline, including some ticketing systems and its online real-time Tube arrival information. 

Details of the incident remain scarce. TfL disclosed the cyberattack on September 2, and said that it took action to “prevent further access to its systems.” 

In a brief update on its website on Friday, TfL said it has no evidence yet that any customer data was compromised in the cyberattack. 

A spokesperson for TfL did not respond to a request for comment about what evidence, such as logs, the organization has to determine if any data was stolen. It’s unclear if the organization is able to receive email due to the cyberattack. According to the cyber incident page, TfL says, “many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query or any webforms previously submitted.”

According to sources speaking to BBC News, TfL employees have been told to work from home, as much of the organization’s back-office systems at its headquarters are affected. 

A review by TechCrunch of TfL’s public-facing web infrastructure shows much of the organization’s systems are no longer online, or have been restricted from accessing the public internet, likely in an effort to isolate the intruders and prevent further access. 

At the time of writing, TechCrunch found several TfL systems, including its employee log-on portal, were still accessible from the internet.