Transport for London confirms 5,000 users' bank data exposed, pulls large chunks of IT infra offline

Transport for London suffered a cyber incident beginning 1 September that may have exposed Oyster refund bank details for roughly 5,000 customers and accessed employee data; TfL has limited IT services, suspended some customer functions, and is conducting in-person password resets for 30,000 staff. The National Crime Agency, working with the NCSC, has investigated the incident and arrested a 17-year-old suspect, while TfL notifies affected customers as a precaution.