Around 30,000 Transport for London (TfL) employees - its entire workforce - will have to reset their work passwords in person after a cyber security attack on the TfL.
The attacker stole staff data that was confined to TfL directory details, such as TfL email addresses, job titles and employee numbers. Other data, including bank details, home addresses and date of birth are believed not to have been accessed in the attack, which was first noticed by the TfL on September 1.
"We’ve been working closely with the National Crime Agency, National Cyber Security Centre and other specialists to manage the ongoing cyber incident and further protect our organisation," stated TfL on its employee hub. "On advice from specialists, we have deliberately reset every colleague’s OneLondon account."
Given the severity of the situation, it was deemed necessary that employees needed to verify their identity in person to reset their password/s.
The TfL has activated its business continuity plans and told employees that line managers and people leaders will use WhatsApp to pass on updates. It is also aware of customer concerns.
"Some customers may ask questions about the security of our network and their data," stated the TfL. "First and foremost, we must reassure that our network is safe. Secondly, we’re contacting customers directly about steps being taken regarding their data."
Four days after the attack, a 17yo boy from Walsall, West Midlands, was arrested on suspicion of Computer Misuse Act offences. He was questioned by National Crime Agency officers and released on bail.
