Transport for London (TfL) has announced it is dealing with an “ongoing” cybersecurity incident.

On Monday night, the capital’s transport network provider said in a statement that there was no evidence any customer data had been compromised.

The organisation also assured customers that there had been no impact on its services.

“The security of our systems and customer data is very important to us, and we have taken immediate action to prevent any further access to our systems,” wrote TfL, adding that it is working closely with government agencies to respond to the cyber attack.

Commenting on the news Javvad Malik, lead security awareness advocate at KnowBe4 said that while it is unclear how the cyber incident at TfL occurred it is likely that its systems were breached through social engineering, unpatched software or poor credentials.

Mayur Upadhyaya, chief executive and co-founder at APIContext said: "TfL's response, including the work-from-home directive and enhanced security measures, underscores the need for preparedness and contingency planning to minimise the impact of cyber incidents. Such proactive steps are crucial for maintaining operational resilience and mitigating potential damage."

---