I just received this, I work as a Cyber Security Manager. Reading between the lines it looks like they were affected by ransomware or an attempt. The fact they are letting people know seems very much in line with what the ICO would expect with a data breach.
Snap! Seems to be that way, simple phishing technique most likely - been quite a few over the last couple of years!!!! If it don’t look right don’t open or click on it….
This would of been the perfect time for jones to use the international break to take I.T department aside and drill in to the the needs for constant security awareness and staying on top of their patching schedules but no his ego gets in the way and now we are playing Rotherham
Transport for London (TfL) has restricted its online services as its computer systems continue to be affected by a cyber attack.
The organisation said it took action including limiting access to some live travel information services via apps and its website, and preventing passengers from viewing their journey history for trips paid for by contactless cards.
A mate of mine works for a software company here in Auckland which provides services to car dealers and workshops. The business got attacked earlier this year. In the beginning they didn’t know how much info the hackers had access to. Was it just ‘Mr Jones took his car to service on Sat 3 Feb at 2pm’ or was it far more serious.
He couldn’t share too much info about it, but in the end they had to pay the hackers an amount.
The hackers were very professional. They even provided the business with a full report highlighting how they got into the system, so the business could close this security gap.
A mate of mine works for a software company here in Auckland which provides services to car dealers and workshops. The business got attacked earlier this year. In the beginning they didn’t know how much info the hackers had access to. Was it just ‘Mr Jones took his car to service on Sat 3 Feb at 2pm’ or was it far more serious.
He couldn’t share too much info about it, but in the end they had to pay the hackers an amount.
The hackers were very professional. They even provided the business with a full report highlighting how they got into the system, so the business could close this security gap.
It changes country to country but typically it can be illegal to pay a ransom is some countries. Also the providing a full report is not unheard of.
A 17-year-old boy has been arrested in connection with the cyber security incident affecting Transport for London (TfL), the National Crime Agency (NCA) said.
On Thursday TfL said that some customers' bank account details could have been accessed by hackers during an "ongoing cyber security incident".
The NCA said the teenager was arrested in Walsall on 5 September.
A mate of mine works for a software company here in Auckland which provides services to car dealers and workshops. The business got attacked earlier this year. In the beginning they didn’t know how much info the hackers had access to. Was it just ‘Mr Jones took his car to service on Sat 3 Feb at 2pm’ or was it far more serious.
He couldn’t share too much info about it, but in the end they had to pay the hackers an amount.
The hackers were very professional. They even provided the business with a full report highlighting how they got into the system, so the business could close this security gap.
There are two distinct breeds of cyber attacker out there and it really helps to know which breed you are dealing with at the outset of a ransomware attack. Some, like the one you speak of here, are very professional and treat it purely as a business transaction. Some even ask you to leave them a review at the end of the process! On the plus side, these are the ones that will almost always do what they say they are going to do and will not seek to target you again.
On the other side of the coin however, are the ones who either don't unencrypt your files or will come back again days or weeks later and do it all again.
Both are scum but I'll take the former over the latter any day of the week.
TfL cyber attack: Thousands of passengers feared to have bank details exposed as teenager arrested
The hack is understood to have potentially exposed the bank account details of about 5,000 passengers.
Names and phone numbers of passengers are thought to have been obtained, including some personal data from Oyster cards and Contactless bank cards used to make journeys on the capital’s public transport network.
The hack is understood to have potentially exposed the bank account details of about 5,000 passengers - either via activity on their Oyster card account or refund data. This includes account numbers and sort codes.
In addition, an unknown number of passengers who had signed up to TfL email alerts – for example, for regular email bulletins on the Elizabeth line or a particular Tube line – are thought to have had their name, home address or email account exposed.
I’m not sure why these hackers don’t play the smarter route and perform “ethical hacks” they could then be paid quite handsomely for their skills rather than be arrested when finally caught.
The fact that a 17 year old kid can hack into TFL doesn’t fill you with confidence about IT security generally, particularly given numerous other recent high profile cyber security attacks.
A mate of mine works for a software company here in Auckland which provides services to car dealers and workshops. The business got attacked earlier this year. In the beginning they didn’t know how much info the hackers had access to. Was it just ‘Mr Jones took his car to service on Sat 3 Feb at 2pm’ or was it far more serious.
He couldn’t share too much info about it, but in the end they had to pay the hackers an amount.
The hackers were very professional. They even provided the business with a full report highlighting how they got into the system, so the business could close this security gap.
There are two distinct breeds of cyber attacker out there and it really helps to know which breed you are dealing with at the outset of a ransomware attack. Some, like the one you speak of here, are very professional and treat it purely as a business transaction. Some even ask you to leave them a review at the end of the process! On the plus side, these are the ones that will almost always do what they say they are going to do and will not seek to target you again.
On the other side of the coin however, are the ones who either don't unencrypt your files or will come back again days or weeks later and do it all again.
Both are scum but I'll take the former over the latter any day of the week.
Its worth pointing out that a lot of those Ransomware gangs are actually state sponsored aswell, think back to the days of privateering. Its also worth noting form a professional perspective their are a lot more than two breeds of attacker.
I’m not sure why these hackers don’t play the smarter route and perform “ethical hacks” they could then be paid quite handsomely for their skills rather than be arrested when finally caught.
Ethical hackers aren't paid anywhere near as handsomely as black hat, also the work is often not fulfilling and seldom more than a pen tester.
The wi-fi has been hacked at 19 UK railway stations to display a message about terror attacks.
Network Rail confirmed that the wi-fi systems at stations including London Euston, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Edinburgh Waverley and Glasgow Central were affected.
People reported logging on to the wi-fi at the stations on Wednesday and being met with a screen about terror attacks in Europe.
A Network Rail spokesperson confirmed the wi-fi was still down and said: "We are currently dealing with a cyber security incident affecting the public wi-fi at Network Rail’s managed stations."
The affected stations include:
In London, London Cannon Street, London Bridge, Charing Cross, Clapham Junction, Euston, King’s Cross, Liverpool Street, Paddington, Victoria and Waterloo
Comments
Transport for London (TfL) has restricted its online services as its computer systems continue to be affected by a cyber attack.
The organisation said it took action including limiting access to some live travel information services via apps and its website, and preventing passengers from viewing their journey history for trips paid for by contactless cards.
https://www.bbc.co.uk/news/articles/cwyjezrne3go
A mate of mine works for a software company here in Auckland which provides services to car dealers and workshops. The business got attacked earlier this year. In the beginning they didn’t know how much info the hackers had access to. Was it just ‘Mr Jones took his car to service on Sat 3 Feb at 2pm’ or was it far more serious.
He couldn’t share too much info about it, but in the end they had to pay the hackers an amount.
The hackers were very professional. They even provided the business with a full report highlighting how they got into the system, so the business could close this security gap.
A 17-year-old boy has been arrested in connection with the cyber security incident affecting Transport for London (TfL), the National Crime Agency (NCA) said.
On Thursday TfL said that some customers' bank account details could have been accessed by hackers during an "ongoing cyber security incident".
The NCA said the teenager was arrested in Walsall on 5 September.
https://www.bbc.co.uk/news/articles/c4gqg2elkj4o
On the other side of the coin however, are the ones who either don't unencrypt your files or will come back again days or weeks later and do it all again.
Both are scum but I'll take the former over the latter any day of the week.
TfL cyber attack: Thousands of passengers feared to have bank details exposed as teenager arrested
Names and phone numbers of passengers are thought to have been obtained, including some personal data from Oyster cards and Contactless bank cards used to make journeys on the capital’s public transport network.
The hack is understood to have potentially exposed the bank account details of about 5,000 passengers - either via activity on their Oyster card account or refund data. This includes account numbers and sort codes.
In addition, an unknown number of passengers who had signed up to TfL email alerts – for example, for regular email bulletins on the Elizabeth line or a particular Tube line – are thought to have had their name, home address or email account exposed.
https://www.standard.co.uk/news/london/tfl-cyber-attack-person-data-hacked-oyster-contactless-passengers-sadiq-khan-b1181688.html
The wi-fi has been hacked at 19 UK railway stations to display a message about terror attacks.
Network Rail confirmed that the wi-fi systems at stations including London Euston, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Edinburgh Waverley and Glasgow Central were affected.
People reported logging on to the wi-fi at the stations on Wednesday and being met with a screen about terror attacks in Europe.
A Network Rail spokesperson confirmed the wi-fi was still down and said: "We are currently dealing with a cyber security incident affecting the public wi-fi at Network Rail’s managed stations."
The affected stations include:
In London, London Cannon Street, London Bridge, Charing Cross, Clapham Junction, Euston, King’s Cross, Liverpool Street, Paddington, Victoria and Waterloo
Man arrested over rail terror message hack
https://www.bbc.co.uk/news/articles/c1jd5k8x4y4o