Hackers who gained access to heart of London transport network jailed


The data of millions of commuters was stolen, Londoners were left out of pocket and 27,000 Transport for London staff were forced to reset their passwords.

Over four days in 2024 a pair of teenage hackers had London’s transport network at their mercy. The hackers had burrowed into the heart of Transport for London’s IT systems and held the “keys to the kingdom”.

While the main tube and bus networks were not directly affected, the dial-a-ride service for disabled passengers was unable to process bookings for a period. The head of TfL, Andy Lord – a veteran of British Airways – said the attack was the worst incident he had faced in his career.

Read more…
Source:  The Guardian


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Harrods becomes latest retailer struck by cyberattack attempts

    May 1, 2025

    Harrods has become the latest retailer to be targeted by cyberattacks, which have struck Marks and Spencer and The Co-op this week. The luxury department store revealed it has had to take action against similar hacking attempts in recent days. In a statement shared with ITV News, Harrods said: “We recently experienced attempts to gain unauthorised ...

  • The Co-op fights attempted hack as M&S cyber attack rages on

    April 30, 2025

    The Co-op has been forced to shut off parts of its IT systems after it was confronted with an attempted hack. The Manchester-headquartered group has confirmed some of its back office and call centre services have been impacted. However, it added that all its stores, including grocery and funeral homes are trading as usual. It comes ...

  • M&S: WFH staff locked out of systems amid cyber attack fallout

    April 28, 2025

    M&S has shut remote-working employees out of some of its IT systems as it struggles to recover from the fallout of a cyberattack last week. The high street giant closed some of the programmes that staff use to log into the internal IT systems when working outside of the office, The Times reported. Cybersecurity experts said ...

  • M&S: FTSE 100 giant battling cyber attack

    April 22, 2025

    M&S has revealed it has been battling what it has described as a “cyber incident” over the past few days. The FTSE 100 giant said that it’s made some “minor, temporary changes to our store operations to protect customers and the business” and “we are sorry for any inconvenience experienced.” M&S confirmed that it is working ...

  • BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors

    April 9, 2025

    MOONSHINE and BADBAZAAR are examples of trojans; they have malicious functions hidden inside an otherwise functioning app that can be downloaded from app stores or online file-sharing services. These apps are designed to trick a user into downloading and installing them on a device. Once an app is installed, it uses vulnerabilities on the device to ...

  • Musk cuts US cyber defences against Russia, increasing threats to UK

    April 7, 2025

    The Pentagon cyber unit that helps counter threats from Russia has had part of its funding cut. US Cyber Command (USCC), which is charged with defending US military networks, has been ordered to axe contract dealings with private-sector partners, and freeze recruitment. The shock move could have a major impact on Britain’s ability to defend itself ...