The data of millions of commuters was stolen, Londoners were left out of pocket and 27,000 Transport for London staff were forced to reset their passwords.
Over four days in 2024 a pair of teenage hackers had London’s transport network at their mercy. The hackers had burrowed into the heart of Transport for London’s IT systems and held the “keys to the kingdom”.
While the main tube and bus networks were not directly affected, the dial-a-ride service for disabled passengers was unable to process bookings for a period. The head of TfL, Andy Lord – a veteran of British Airways – said the attack was the worst incident he had faced in his career.
Read more…
Source: The Guardian
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape
May 27, 2025
When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach multiple businesses through a single point of entry. In one ...
- Major supermarket distributor to Tesco and Sainsbury’s ‘held to ransom’
May 20, 2025
A major distributor to Britain’s biggest supermarkets, including Tesco, Sainsbury’s and Aldi, is being held to ransom by cyber hackers following a string of assaults on UK retail in the last month. Peter Green Chilled said clients were “receiving regular updates” including “workarounds” on how to continue deliveries. No orders would be processed on Thursday, although any ...
- UK: Legal Aid database hacked, ‘significant amount’ of data and criminal records stolen
May 19, 2025
The UK’s Ministry of Justice (MoJ) has revealed that a cyberattack on the Legal Aid system has led to the theft of a “significant amount” of data, including criminal records. The MoJ was alerted to the attack on April 23 when data dating back as far as 2010 was accessed by the attackers. Earlier this month, ...
- M&S warns shoppers are at risk from scammers after cyber attack
May 14, 2025
Marks & Spencer has warned shoppers to be on the lookout for scam calls and emails after hackers stole customer data from its systems. The retailer is this week writing to customers to alert them that personal data have been taken by cyber criminals, including partial credit card details, contact information, dates of birth and order ...
- Scattered Spider hacking group allegedly behind cyber-attacks on Marks & Spencer
May 2, 2025
The culprit behind the M&S cyber attack is still a matter of investigation but speculation has pointed to a group called Scattered Spider. Also called UNC3944, Octo Tempest or Muddled Libra, Scattered Spider is a hacking group comprised of hackers – some thought to be as young as 16. Members are said to frequent hacker forums, ...
- Cyber criminals claim to have private information of 20 million people who signed up to Co-op’s membership
May 2, 2025
Cyber criminals have told BBC News their hack against Co-op is far more serious than the company previously admitted. Hackers contacted the BBC with proof they had infiltrated IT networks and stolen huge amounts of customer and employee data. After being approached on Friday, a Co-op spokesperson said the hackers “accessed data relating to a significant ...

