On Monday evening, TfL reported that it was dealing with a cyber incident affecting some back-office systems. Although it asked some office staff to work from home, it said there was no impact on services and no loss of customer data.

As of today, that appears to have changed. There are some disruptions to tube services caused by obstructions and a fire alarm, but almost everything else seems to be working fine. The exception is TfL’s Dial a Ride service for people with disabilities.

Earlier today, it posted a notice on the website saying it was experiencing serious disruption and couldn’t take new bookings. This is a serious issue for people who rely on that service to get to medical appointments or for any other reason.

The statement on its website said, “Due to ongoing TfL-wide cyber security incident, we are unable to process any new booking requests. In addition, many of our staff have limited access to systems and email and, as a result, we may be delayed or unable to respond to your query.”

Enterprise Times contacted the TfL press office and asked what was happening with Dial a Ride. We received the following statement from TfL in response:

“As a result of the internal measures we are taking as part of the cyber security incident, the booking system for Dial a Ride was temporarily down – although pre-existing bookings were still fulfilled. We are now able to take essential bookings and hope the situation will further improve as the day goes on.”

Enterprise Times: What does this mean?

From what we can glean, the impact seems to be on booking systems and telephony. Staff are struggling to access systems and, therefore, take bookings. It also appears that the online booking system is having problems. What does need clarification is whether it has impacted the TfL phone system for those working from home.

For disabled customers, hope is not a great message, and it will be interesting to see how long this continues. Will the service be back to normal by the end of the day? How will it adapt if the disruption continues? What qualifies as essential? Given how difficult it can be for disabled people to move around London, few undertake travel for the sheer sake of it.

So far, TfL appears to have handled this incident well. Its cyber resilience planning has kept London moving on public transport and the infrastructure it manages. There has been no obvious leakage of data, and, importantly, no cybercrime group has gone public about being behind the attack. TfL has also yet to say what type of cyber-attack this is, although most experts believe it is ransomware.

The impact on Dial a Ride is the first public evidence of a problem. If TfL can recover and maintain that service quickly, as it claims to be doing, it will be seen as having done a good job. However, this service is designed for the most vulnerable travellers and should have had a faster recovery time.

If we receive any updates, we will add them to this story.

LEAVE A REPLY

Please enter your comment!
Please enter your name here