Categories: CyberCrimeSecurity

Police Arrest Youth Over London Transport Hack

The National Crime Agency (NCA) said it has arrested a 17-year-old male in Walsall, in the West Midlands, as part of its investigation into this month’s cyber-attack on Transport for London.

The teenager was detained on 5 September on suspicion of Computer Misuse Act offences in relation to the 1 September attack, was questioned and later released on bail, the NCA said.

The agency said it is leading the law enforcement response and is working with the National Cyber Security Centre and TfL to minimise risks.

“Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems,” said deputy NCA director Paul Foster, head of the agency’s National Cyber Crime Unit.

Customer data

“The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing.”

After initially saying customer data had not been affected, TfL has now confirmed about 5,000 customers’ sort codes and bank details may have been compromised as part of the incident.

TfL said data including names, emails and home addresses were accessed.

Chief technology officer Shashi Verma said those affected would be contacted directly.

“The situation continues to evolve and our investigations have identified that certain customer data has been accessed,” he said.

This includes customer contact details, including email addresses and home addresses where provided, as well as Oyster card refund data that could include bank account numbers and sort codes for a “limited” number of customers, he said.

He said the security of its systems and customer data were “very important” to the transport provider.

“I would like to apologise for the inconvenience this incident may cause customers and I thank everyone for their patience as we respond to this incident,” Verma said.

‘Scattered Spider’

The incident did not disrupt travel services but did force TfL to shut down some internal services.

The NCA also arrested a 17-year-old male from Walsall in July of this year over a possible link to the 2023 ransomware hacks of MGM Resorts and Caesars venues in an incident attributed to the Scattered Spider hacking collective, which was acting as an affiliate for the now-defunct BlackCat ransomware gang.

The NCA has not indicated whether the two arrests involved the same person.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Meta Shows Sound-Capable AI Video Generation Tool

Facebook parent Meta shows AI video generation tool Movie Gen that can create 16-second clips…

14 hours ago

US Think Tank Probes NASA Staff Over Trump, Musk Criticism

Conservative think tank requests NASA employee communications discussing Donald Trump, Elon Musk as it compiles…

14 hours ago

EU States Approve China EV Tariffs In Split Vote

EU member states approve hefty tariffs on China-made EVs in spite of opposition from Hungary…

15 hours ago

Google Threatens New Zealand News Ban Over Law

Google says it would stop linking to news in New Zealand if country passes law…

15 hours ago

The Age of Virtual Assistants

Discover how virtual assistants, powered by AI and innovative technology, are transforming industries and personal…

15 hours ago

Google Brings Ads To AI Search Summaries

Google begins broad roll-out of ads for AI Overviews in search results, adds AI-organised results,…

16 hours ago