The door-to-door community transport service was unable to process new bookings.
Transport for London has said it was briefly unable to process any new Dial-a-Ride bookings due the ongoing “cybersecurity incident.”
On its website, TfL said: “In addition, many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query.”
In an email to SC UK, a TfL spokesperson said the booking system for Dial a Ride was temporarily down "as a result of the internal measures we are taking as part of the cybersecurity incident," although pre-existing bookings were still fulfilled. They said: "We are now able to take essential bookings and hope the situation will further improve as the day goes on."
Ongoing Incident
The cybersecurity incident began earlier this week, when TfL emailed customers to say it was “dealing with an ongoing” incident and there was “no evidence that any customer data has been compromised.” However it is now clear that there is an impact on services, and TfL staff are being encouraged to work remotely where possible.
Mark Robertson, CRO of Acumen Cyber said that while there is no clarify on what incident has taken place, this does appear to be ransomware. “Employees being locked out of systems is often the number one consequence in ransomware attacks,” he said.
“However, until TfL provides a more detailed update, we can’t say for sure what incident the transport network is facing, or who carried it out.
“Fortunately, all tube services seem to be running as normal, which does indicate TfL has been able to prevent the incident from having an operational impact. Otherwise, the whole of the capital could have been brought to a standstill.”
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.
