The UK’s National Crime Agency claims to have apprehended a 17-year-old individual suspected of involvement in the cyberattack on Transport for London (TfL), the capital’s primary public transport provider.
“A 17-year-old individual was apprehended by the Nationwide Crime Company in Walsall, as part of an ongoing inquiry into a cybersecurity breach affecting Transport for London.”
“A 17-year-old boy was taken into custody for allegedly violating the terms of a peaceable conduct law in connection with an attack that occurred on Transport for London (TfL) premises on September 1.”
A teenage individual was detained and interrogated by National Crime Agency officials before being released on a bail agreement.
The National Crime Agency (NCA) is leading the investigation into the cyberattack and working intensively with the National Cyber Security Centre and Transport for London (TfL) to mitigate the situation.
According to renowned SANS instructor Will Thomas, a 17-year-old male from Walsall was reported as famous in July 2024 for a suspected link to. This individual was reportedly acting as an affiliate for the notorious BlackCat ransomware gang.
BleepingComputer has reached out to the NCA inquiring whether the individual responsible for the attack was apprehended, but thus far, there has been no response.
The Transport for London cyberattack
On September 1st, Transport for London revealed that it had taken measures to prevent the spread of an unspecified issue by shutting down or restricting access to various IT systems.
While the assault had no direct impact on metropolitan transportation providers, it did severely affect numerous online customer-facing systems, including the ability to process refunds.
The assault has also caused persistent disruptions to TfL’s Dial-a-Journey service, a vital door-to-door transportation system serving individuals with disabilities.
Following an initial denial that buyer information had been compromised, it was later revealed that sensitive data including names, contact details, email addresses, and residential addresses were actually stolen during the breach.
Hackers may also have obtained access to approximately 5,000 individuals’ Oyster card refund details and banking information for their respective checking accounts.
The Transport for London (TfL) network provides transportation services to London’s approximately 8.4 million residents via its underground, overground, and Crossrail systems.
In May 2023, Transport for London quickly responded to the aftermath of a cyberattack by the notorious Clop ransomware gang, which had compromised sensitive data for approximately 13,000 customers using MOVEit Switch services.
