A 17-year-old boy has been arrested in connection with the cyber security incident affecting Transport for London (TfL), the National Crime Agency (NCA) said.
TfL said that around 5,000 customers’ sort codes and bank account details could have been accessed by hackers during an “ongoing cyber security incident”.
The NCA said the teenager was arrested in Walsall, West Midlands, on 5 September, after the cyber attack was reported on 2 September.
TfL’s chief technology officer Shashi Verma said on Thursday that a “limited number of customers” may have had bank account numbers and sort codes accessed.
‘Hugely disruptive’
The NCA said the teenager was arrested on suspicion of Computer Misuse Act offences.
He was questioned by NCA officers and has since been bailed.
The NCA said it was working with TfL and the National Cyber Security Centre to minimise the risks to customers.
Paul Foster, head of the NCA’s National Cyber Crime Unit, said: “Attacks on public infrastructure such as this can be hugely disruptive and lead to severe consequences for local communities and national systems.”
He added: “We have been working at pace to support Transport for London following a cyber attack on their network, and to identify the criminal actors responsible.
“The swift response by TfL following the incident has enabled us to act quickly, and we are grateful for their continued co-operation with our investigation, which remains ongoing.”
Mr Verma said impacted customers would be contacted directly.
He added that an investigation into the cyber attack was taking place alongside the National Crime Agency and the National Cyber Security Centre.
“Although there has been very little impact on our customers so far, the situation continues to evolve and our investigations have identified that certain customer data has been accessed,” he said.
“This includes some customer names and contact details, including email addresses and home addresses where provided.
“Some Oyster card refund data may also have been accessed.”