Hackers who gained access to heart of London transport network jailed


The data of millions of commuters was stolen, Londoners were left out of pocket and 27,000 Transport for London staff were forced to reset their passwords.

Over four days in 2024 a pair of teenage hackers had London’s transport network at their mercy. The hackers had burrowed into the heart of Transport for London’s IT systems and held the “keys to the kingdom”.

While the main tube and bus networks were not directly affected, the dial-a-ride service for disabled passengers was unable to process bookings for a period. The head of TfL, Andy Lord – a veteran of British Airways – said the attack was the worst incident he had faced in his career.

Read more…
Source:  The Guardian


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • British spies and SAS named in Afghan data breach

    July 17, 2025

    The identities of more than 100 British officials, including members of the special forces and MI6, were compromised in a data breach that also put thousands of Afghans at risk of reprisal, it can be reported. The latest fallout from the breach was kept secret by an injunction until Thursday, when the order was lifted in ...

  • UK: Arrests made after M&S, Co-op and Harrods cyber attacks

    July 10, 2025

    Four people, including three teenagers and a 20-year-old woman, have been arrested in connection with a wave of cyber attacks that crippled M&S, the Co-op and Harrods. The group allegedly unleashed ransomware that stole millions of customer records, shut down online orders and left supermarket shelves bare. The arrests included a 17-year-old British man from the ...

  • Payout offered to Afghans hit by UK data breaches

    July 4, 2025

    Afghan nationals whose personal information was mistakenly exposed by the Ministry of Defence in 2021 will be offered up to £4,000 each in compensation, the government has said. The data breaches affected 277 people, some of whom had worked for the UK government and were in hiding from insurgent Taliban forces at the time. Defence Minister ...

  • US, French authorities confirm arrest of BreachForums hackers

    June 26, 2025

    U.S. and French authorities have confirmed the arrests of five hackers accused of being behind several major hacks and being part of a notorious cybercrime forum. On Thursday, the U.S. Department of Justice announced the indictment of British national Kai West, 25, accusing him of being “a serial hacker” known as IntelBroker. U.S. authorities allege West ...

  • Data possibly stolen and council services offline after Glasgow cyber attack

    June 25, 2025

    Glasgow City Council has warned that personal data may have been stolen in a cyber attack affecting its services. The local authority was alerted to malicious activity on servers managed by a third-party supplier on June 19. Due to affected servers being taken offline, a number of services are currently unavailable, including planning applications, paying parking ...

  • M&S cyber attack deepens as tech partner TCS denies blame

    June 20, 2025

    Tata Consultancy Services (TCS), the tech firm at the centre of speculation around the M&S cyber attack, has claimed that none of its systems or users were compromised in the incident. The statement, delivered at the company’s annual shareholder meeting, is the first public comment from the group since M&S was hit by a major cyber ...