TfL writes to 5,000 cyber attack customers

Tube arrives at Highbury and Islington station
Image caption,

Some digital TfL services remain offline

Transport for London (TfL) has written to around 5,000 customers whose details were hacked in a cyber attack.

The letters state that there may have been unauthorised access to personal information such as bank account numbers and sort codes.

Nearly three weeks after the security breach, all customers are still unable to apply for new concession cards, refunds or access their contactless data.

Last week, a 17-year-old boy was arrested over the the hack, which included names, emails, home addresses and bank account and sort codes, as well as Oyster refund data.

The letter warns affected customers that this data "may have included name and contact details, preferences for customer marketing and Oyster card refund data including bank account and sort code".

The letters have a unique identifier so any customers unsure about its validity can call customer services at TfL.

TfL has informed the Information Commissioner's Office about the incident and said it was continuing to work with relevant government agencies about the breach.

A TfL insider previously told the BBC the attack was having a growing impact on the company.

Staff are being locked out of the IT network in increasing numbers and have been told to go through a new protocol to log back in.

There is also an increase in physical security at offices with increased staff pass checks and greater scrutiny of who is going in and out of the buildings.

Last week, the National Crime Agency said such attacks are "hugely disruptive and lead to severe consequences for local communities and national systems".

TfL has apologised, calling the attack "sophisticated".

Listen to the best of BBC Radio London on Sounds and follow BBC London on Facebook, external, X, external and Instagram, external. Send your story ideas to hello.bbclondon@bbc.co.uk, external