Tag: TfL

The extent of the 2024 Scattered Spider cyber attack on Transport for London (TfL) was much broader than initially thought, affecting the personal information of millions of London's bus, train, and underground passengers, as revealed. As reported by the BBC, a database obtained and analyzed by an unidentified hacker contained the names, email addresses, phone numbers, and addresses of approximately 10 million individuals. The database, comprising 15 million lines of data, has since been destroyed. The breach occurred in August 2024, with TfL facing significant response and remediation costs totaling nearly £40 million. While core services remained operational, technical services such as APIs and Oyster services experienced disruptions. In September 2025, two teenagers, Owen Flowers and Thalha Jubair, were charged in connection with the incident and are awaiting a full trial. TfL assured that it promptly informed customers about the stolen data and offered support to affected individuals. ESET's Jake Moore highlighted the delayed disclosure of the breach as a concerning aspect, emphasizing the importance of immediate transparency in such incidents. Moore cautioned individuals with payment details linked to TfL accounts to monitor their financial statements for any suspicious activity. Emails overlooked Talion CEO Keven Knight expressed concern over the low open rate of notification emails sent by TfL, suggesting a lack of awareness among affected individuals. Knight stressed the need for proactive communication to prevent phishing attempts. He emphasized that leaving victims uninformed could make them more vulnerable to cyber threats and underscored the importance of transparent communication from government-associated organizations. Next steps ESET's Moore advised individuals with email or payment details linked to TfL accounts to remain vigilant for suspicious activities. Additional guidance for breach-affected consumers is available from the UK's National Cyber Security Centre (NCSC). This article was updated to include a response from TfL.

Tag: TfL

Scattered Spider attack on TfL affected 10 million people

Quick Links

Resources

Support