Cyber security incident

We are currently dealing with an ongoing cyber security incident. The security of our systems and customer data is very important to us, and we have taken immediate action to protect our systems.

We identified some suspicious activity on Sunday 1 September and took action to limit access. We are conducting a thorough investigation into the incident, alongside the National Crime Agency and the National Cyber Security Centre.

Although there has been very little impact on our customers so far, the situation is evolving and our investigations have identified that certain customer data has been accessed. This includes some customer names and contact details, including email addresses and home addresses where provided.

Some Oyster card refund data may have been accessed. This could include bank account numbers and sort codes for a limited number of customers (around 5,000).

If you are affected, we will contact you directly as soon as possible as a precautionary measure, and will offer you support and guidance.

We are doing all we can to protect our services and secure our systems and data. Our proactive measures mean that:

Live Tube arrival information is not available on some of our digital channels, including TfL Go and the TfL website. In-station and journey planning information is still available
Applications for new Oyster photocards, including Zip cards, have been temporarily suspended. If you want to replace a lost photocard then call us on 0343 222 1234 between 08:00-20:00 every day and select option 1 (charges may apply)
If you have been unable to apply, please continue making your journeys as usual and keep a record of any fares you've paid. We may be able to arrange a refund once the cyber security incident has been resolved and you get a new photocard
If you travel using a contactless payment card, you won't be able to access your online journey history
Currently we are unable to issue refunds for incomplete pay as you go journeys made using contactless, so always remember to touch in and out. Oyster customers can self-serve online
Many of our staff have limited access to systems and, as a result, there will be some delays responding to any online enquiries

We're also undertaking an all-staff IT identity check. Although we don't expect any significant impact to customer journeys as we carry out this process, temporary and limited disruption is possible to some services. Please check before you travel.

Always be alert to approaches from anyone claiming to have your data and to any other suspicious calls or emails, particularly if you are asked to provide personal or financial information.

If you are contacted by someone claiming to have your data, you should contact Action Fraud, the UK's national reporting centre for fraud and cybercrime, on 0300 123 2040.

The National Cyber Security Centre has further guidance for individuals and families on data breaches.

We will continue to keep you updated. We are sorry for the inconvenience this incident may cause and thank you for your patience.

Last reviewed 13 September 2024

Travel information

Ways to get around

Quick links

Cyber security incident

My Lines

My Buses

My Roads

My River Buses

My IFS Cloud Cable Car

My Journeys

My Places

Add favourites for quick access to live status, journeys and places

Favourite lines

Favourite buses

Add new bus

Favourite roads

Favourite river buses

Favourite IFS Cloud Cable Car

Favourite journeys

My places

Add new place

Add places