TfL remains tightlipped over the nature of the incident and its broader impact, sticking instead to the line that there is currently no evidence of customer data being compromised or impact to TfL services.
Access was subsequently limited after TfL spotted some suspicious activity during routine monitoring. An abrupt termination of Wi-Fi was the first indicator that all was not well on the network.
The TfL hack was their Cisco VPN getting popped. Deploying patches and keeping an eye on CVEs is an unpleasant game of whac-a-mole for administrators.
Other TfL functions, such as APIs used for live Tube times, are also currently offline, judging by sites such as Citymapper.
Collection
[
|
...
]