The fingerpointing starts as cyber incident at London transport body continues

Transport for London (TfL) is undergoing an ongoing cyber incident that prompted network-wide access restrictions and service outages; sources suggest attackers may have exploited a Cisco VPN or Netscaler appliance to gain initial access. TfL has limited comment while containing the incident, which bears hallmarks of a ransomware or exfiltration event, and the ICO has been informed and is assessing the situation.