Transport for London confirms customer data stolen in cyberattack

Transport for London disclosed a September 1 cyber incident that compromised customer PII — names, contact details, email addresses, home addresses — and may have exposed Oyster refund records and bank account numbers/sort codes for about 5,000 customers; some services remain disrupted while investigations and remediation continue and affected customers are being notified.