Transport for London (TfL) says that every one workers (roughly 30,000 staff) should attend in-person appointments to confirm their identities and reset passwords following a cybersecurity incident disclosed virtually two weeks in the past.
“Resetting 30,000 colleague passwords in individual will take a while and we can be prioritising the allocation of appointments centrally,” TfL stated on the TfL worker hub.
“This implies everybody can be required to attend an appointment at a specified TfL location to reset their password and be verified in-person for entry to TfL functions and information,” it added.
The identical method was taken by DICK’S Sporting Items’ IT workers after an August cyberattack, manually validating staff’ identities on digicam earlier than permitting them to regain entry to inner programs.
The London public transportation company first knowledgeable the general public on September 2 concerning the cybersecurity breach, assuring clients that there was no proof of compromised information.
Though the assault didn’t have an effect on London’s transportation providers, it disrupted inner programs, on-line providers, and the company’s capability to course of refunds. As of final Friday, TfL workers continued to face outages and system disruptions, impacting their capability to answer buyer requests and situation refunds for contactless journeys.
This week, an replace on TfL’s incident standing web page revealed that buyer information, together with names, contact particulars, and addresses, had been compromised throughout the assault.
“Some clients might ask questions concerning the safety of our community and their information. Before everything, we should reassure that our community is protected,” the transport company added on the TfL worker hub. “Secondly, we’re contacting clients instantly about steps being taken concerning their information.”
TfL additionally confirmed that attackers accessed worker and buyer listing information, together with e mail addresses, job titles, and worker numbers. Nonetheless, it stated there was no proof that different delicate information, similar to banking particulars, dates of delivery, or dwelling addresses, had been compromised.
Suspect arrested by UK’s Nationwide Crime Company
On Thursday, the UK’s Nationwide Crime Company arrested a 17-year-old Walsall teenager suspected of being linked to the cyberattack on the town’s public transportation company. {The teenager} was later launched on bail after being questioned by NCA officers.
The NCA additionally arrested a 17-year-old male from Walsall in July for a attainable hyperlink to the MGM Resorts ransomware assault. This assault was attributed to the Scattered Spider hacking collective, which acted as an affiliate of the BlackCat ransomware gang.
BleepingComputer requested the NCA if the identical particular person was arrested once more in September however has not but obtained a response.
TfL serves greater than 8.4 million Londoners by its floor, underground, and Crossrail (collectively managed with the UK’s Transport Division) transport programs.
In Might 2023, the company skilled one other information breach when the Clop ransomware gang stole information belonging to roughly 13,000 clients from one in all its suppliers’ MOVEit managed file switch (MFT) servers.