A cyber attack has delayed the expansion of a contactless payment scheme to extra Kent stations.
Transport for London (TfL) has expected to see plans to rollout its tap-in, tap-out system at 49 extra stations across Surrey and Kent from September 22.
This had included prime commuter hubs such as Bat & Ball, Dunton Green, Eynsford, Otford, Sevenoaks and Shoreham.
But the roll-out has been put on hold after the government department identified suspicious activity on its databases.
A cyber attack was revealed to have affected the system which has meant some Oyster card refund data may have been accessed as well as certain customer data, including names and contact details.
An investigation is being carried out with the National Crime Agency and the National Cyber Security Centre. The Information Commissioner’s Office has also been notified.
TfL said the breach could also include bank account numbers and sort codes for a limited number of customers.
Shashi Verma, TfL’s Chief Technology Officer, said: “The security measures we are taking mean that it is now not possible for us to deliver the necessary system changes to enable 47 additional stations outside London to benefit from pay as you go with contactless on 22 September as planned.
“We are working with DfT and the Rail Delivery Group to reschedule and we apologise for the delay.”
A teenager was arrested in Walsall on September 5 by the National Crime Agency, as part of the investigation into the cyber security incident.
The 17-year-old male was detained on suspicion of Computer Misuse Act offences in relation to the attack, which was launched on September 1 but has since been bailed.