It has been more than a month since TfL had a cyber attack on 1 September but systems are still down, and no confirmation given for when operations will return to normal.
On 12 September, the National Crime Agency (NCA) reported they had arrested a 17-year-old in Walsall in relation to the cyber attack.
The teenager, arrested on 5 September, was questioned by NCA officers and bailed.
The NCA leads the law enforcement response, working closely with the National Cyber Security Centre and TfL to manage the incident and minimise risks.
Deputy Director Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “We have been working at pace to support Transport for London following a cyber attack on their network and to identify the criminal actors responsible.”
A TfL spokesperson said: “The systems are down because the investigation into this highly sophisticated cyber security incident remains ongoing.
“We have been keeping our customers regularly updated via our website and social media channels.”
With the systems down, TfL users cannot renew or apply for a new Oyster card, or connect their railcard to said accounts.
This is due to the Oyster photocard website being unavailable during this time.
A TfL spokesperson said: “From our investigations so far, nothing suggests that Oyster photocard data has been compromised.”
However, in a recent press release on 12 September, confirmed that some customer data had been accessed, including names, contact details, email addresses and home addresses.
Plus, some Oyster card refund data may have been accessed, including bank account numbers and sort codes, but this was only for a limited number of customers, around 5,000.
Children with expired 5-10 or 11-15 Zip Oyster cards can continue to travel using their cards until 31 October, but the offer does not extend to those with 16+ cards.
A TfL spokesperson said: “Train operating companies across London will continue to accept Zip Oyster photocards, where they are typically accepted, for under 16-year-olds, which are set to expire on 30 September throughout October.
“In these circumstances, children must show their expired photocard to staff at the start and end of their journey.”
“Additionally, we are postponing the yearly address check we require for holders of 60+ Oyster photocards until later.
“We have written directly to all affected customers.”
It has been confirmed that when photocard systems are back up and running, TfL will write to customers again to let them know to update their Zip Oyster photocard or complete their address check.
With refunds also unavailable, TfL stated in their press release it will keep a record of fares paid as it intends to refund customers for additional travel costs incurred while systems are locked.
The Mayor of London Sadiq Khan confirmed many Londoners are out of pocket as a result of the outage.
Mayor Khan said: “The figure is big in relation to the number of people who paid a fare but shouldn’t have paid a fare.”
If you have received direct communication from TfL that your personal information has been accessed due to the cyber attack incident and would like to verify the contents of that communication, reach out to their customer services advisers on 0343 222 1234.
Unfortunately, given the nature of the investigation, TfL say they cannot directly confirm what individual customer data may have been accessed.