Massive Cyberattack on Transport for London Exposes Data of 10 Million Customers
In one of the largest data breaches in British history, Transport for London (TfL) confirmed that a cyberattack in late 2024 compromised the personal data of approximately 10 million customers. The breach, which occurred between August 29 and September 6, was discovered on September 1, prompting TfL to notify over 7 million customers via email in September those for whom email addresses were available in the exposed dataset.
While the attack did not disrupt London’s transport networks, it caused three months of online service outages, resulting in financial losses estimated in the tens of millions of pounds. The stolen data included customer names and contact details, with a smaller subset around 5,000 individuals having bank account information potentially accessed.
Investigators linked the attack to Scattered Spider, a notorious cybercriminal collective. Two British teenagers, previously charged in connection with the breach, are set to stand trial in June 2025. The incident reflects a broader surge in cyberattacks targeting UK organizations, with recent victims including Marks & Spencer, the Co-op, and Jaguar Land Rover.
Co-op cybersecurity rating report: https://www.rankiteo.com/company/the-co-op-group
London Landmarks Half Marathon Limited cybersecurity rating report: https://www.rankiteo.com/company/london-landmarks-half-marathon-limited
JLR cybersecurity rating report: https://www.rankiteo.com/company/jaguar-land-rover_1
"id": "THELONJAG1772814307",
"linkid": "the-co-op-group, london-landmarks-half-marathon-limited, jaguar-land-rover_1",
"type": "Cyber Attack",
"date": "8/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '10 million',
'industry': 'Transportation',
'location': 'London, United Kingdom',
'name': 'Transport for London (TfL)',
'type': 'Public Transport Authority'}],
'customer_advisories': 'Notified over 7 million customers via email in '
'September 2024',
'data_breach': {'number_of_records_exposed': '10 million (5,000 with bank '
'account information)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (for 5,000 individuals with bank '
'account information)',
'type_of_data_compromised': ['Names',
'Contact details',
'Bank account information']},
'date_detected': '2024-09-01',
'description': 'In one of the largest data breaches in British history, '
'Transport for London (TfL) confirmed that a cyberattack in '
'late 2024 compromised the personal data of approximately 10 '
'million customers. The breach occurred between August 29 and '
'September 6, was discovered on September 1, and prompted TfL '
'to notify over 7 million customers via email. The attack did '
'not disrupt London’s transport networks but caused three '
'months of online service outages, resulting in financial '
'losses estimated in the tens of millions of pounds. The '
'stolen data included customer names and contact details, with '
'a smaller subset of around 5,000 individuals having bank '
'account information potentially accessed.',
'impact': {'data_compromised': 'Personal data (names, contact details, bank '
'account information for 5,000 individuals)',
'downtime': 'Three months',
'financial_loss': 'Tens of millions of pounds',
'identity_theft_risk': 'High (for 5,000 individuals with bank '
'account information exposed)',
'operational_impact': 'Online service outages',
'payment_information_risk': 'High (for 5,000 individuals with bank '
'account information exposed)',
'systems_affected': 'Online services'},
'investigation_status': 'Ongoing (trial set for June 2025)',
'regulatory_compliance': {'legal_actions': 'Two British teenagers charged, '
'trial set for June 2025'},
'response': {'communication_strategy': 'Notified over 7 million customers via '
'email'},
'threat_actor': 'Scattered Spider',
'title': 'Massive Cyberattack on Transport for London Exposes Data of 10 '
'Million Customers',
'type': 'Data Breach'}