Tfl Said It Is Working With The Dft And Rail Delivery Group On A New Timeline For The Rollout. Credit: Bussweh / Shutterstock.

A cybersecurity incident affecting Transport for London (TfL) has delayed the rollout of contactless payment systems across several stations outside of the UK’s capital city as authorities continue to assess the impact of the breach.

Contactless payment was scheduled to expand to 47 stations on the Greater London transport network on 22 September but has now been pushed back indefinitely as TfL works with the Department for Transport and the Rail Delivery Group on a new timeline.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

TfL’s announcement is the latest update in the saga, which has been affecting the company’s services since the cyberattack was identified on 1 September, with authorities now believing customer names, contact details, and possible bank details were accessed during the breach.

TfL’s chief technology officer Shashi Verma said: “As part of the measures we have implemented to deal with the cyber incident, we have today put in place additional measures to improve our security. This includes an all-staff IT identity check.

“Throughout this planned process, we have ensured that all safety critical systems and processes have been maintained.”

Around 5,000 customers will be contacted about a possible breach of Oyster card refund data according to TfL, with details such as bank account numbers and sort codes believed to have possibly been accessed during the incident.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The transport authority’s update comes at the same time as news that a 17-year-old male had been arrested as part of the investigation into the incident, with officers from the UK’s National Crime Agency questioning the man before he was bailed.

The issue of cybersecurity in the rail industry has become increasingly prevalent in recent years as the industry adopts a digitalisation approach to its operations, with the interconnected nature of modern rail networks opening the industry up to new forms of attack.