Incidents

London metro, bus & train ticket payment system hacked

Today, any online service or application is exposed to some extent to cyberattacks that, depending on the capabilities of hackers, could lead to information theft or disruption of activities and economic losses. This time, digital forensics specialists report a security incident related to the London public transport system.

Transport for London (TFL), the public
transport body in the British capital revealed that some contactless card
accounts of Oyster, the payment system for transport, were hacked by unidentified
threat actors. The incident was detected after customers reported the decline
of the online service.

As a precaution, TFL disconnected the Oyster
system, in an attempt to limit the impact of the incident, as 1 200 hacked user
accounts had been detected so far, digital forensics experts reported.

In total, six million English citizens have
Oyster accounts, making it easier to use London’s public transport system
(including metro, train, and tram and bus service). Although the portion of
users affected by the incident is minimal, authorities say they are concerned
about the security of the information of the people involved.

Through a statement, TFL officials mentioned:
“Contactless online accounts and Oyster user accounts are temporarily
offline; this is a preventive measure until additional security measures are
implemented.”

Digital forensics specialists who are working in
collaboration with TFL believe this incident could be the result of a security
breach in a third-party service. It is quite likely that compromised users have
used the same password of their Oyster account on other online services. Using
a technique known as credential
stuffing
, hackers try to access multiple online platforms with the same
login data.

Users began reporting problems last Wednesday
night. Using credential stuffing, the hackers entered the compromised accounts.
In the first instance, TFL only mentioned a few “inconveniences with server
performance”; they acknowledged the hacking incident until Thursday
afternoon.

TFL officials added: “We will contact
affected users during the incident. As a security measure for all of our users,
we recommend that you do not use the same access keys for multiple sites.”

TFL also stresses that the financial
information of compromised users has not been affected; however, its digital
forensics team will implement some additional security measures to prevent
further data leakage. On the other hand, public transport users in London will
be able to use the Oyster mobile app to top up their cards while the online system
remains out of order. Using ticketing machines is also a viable option.

International Institute of Cyber Security (IICS)
digital forensic specialists recommend that Oyster account owners contact TFL
in case of detecting any anomalous activity on their accounts. The incident
will continue to be investigated by the UK’s National Cyber Security Centre and
British police.

To Top

Pin It on Pinterest

Share This