Updated on: September 15, 2024
A 17-year-old boy has been arrested in relation to a cybersecurity incident involving Transport for London (TfL), the National Crime Agency (NCA) announced.
TfL reported that approximately 5,000 customers’ sort codes and bank account details may have been accessed by hackers during an ongoing cybersecurity incident. A spokesperson for TfL confirmed that personal data, including names, email addresses, and home addresses, had also been compromised.
The 17-year-old suspect was arrested in Walsall, West Midlands, on 5 September, 4 days after the attack began. NCA explained that the teenager was arrested on suspicion of offences under the Computer Misuse Act. He was questioned by NCA officers and has been released on bail.
The NCA added that it is collaborating with TfL and the National Cyber Security Centre (NCSC) to reduce the risk to customers.
“Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems,” said Paul Foster, head of the NCA’s National Cyber Crime Unit.
“We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible. The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing,” he continued.
He stated that although the impact on customers has been minimal so far, the situation is still developing. As a precaution, affected customers will be contacted directly to advise them on the support available and steps they can take.
“We continually monitor who is accessing our systems to ensure only those authorised can gain access,” he continued. We will continue to keep our customers and our staff updated.
I would like to apologise for the inconvenience this incident may cause customers and I thank everyone for their patience as we respond to this incident.”