SoylentNews

Arthur T Knackerbracket [soylentnews.org] writes:

COLLECTED BY Arthur Bot - NEEDS EDITING

Arthur T Knackerbracket [soylentnews.org] has found the following story [theregister.co.uk]:

Some Oyster customers have had their accounts broken into, and the transport authority has blamed users who recycled their login creds with other websites.

A Transport for London (TfL) spokesperson told us: "We believe that a small number of customers have had their Oyster online account accessed after their login credentials were compromised when using non-TfL websites. No customer payment details have been accessed, but as a precautionary measure and to protect our customers' data, we have temporarily closed online contactless and Oyster accounts while we put additional security measures in place."

In fiscal year 2018/19 nearly a billion rail, tram and bus journeys were made using Oyster cards, netting TfL a cool £2.3bn in revenue, according to its own statistics [tfl.gov.uk].

Over the past couple of days, increasing numbers of users noticed that they could not log in online and check their smartcards' balances or top them up with cash.

In tweets from Londoners asking why they can't access their online accounts and do things like cancel standing orders or change card details, TfL repeatedly insisted that the problem was "performance issues impacting users".

Hi Dan, Oyster online is currently unavailable whilst we investigate performance issues impacting users. Our mobile app can still be used to make purchases and view payment and journey history etc. Sorry about the inconvenience caused, Tariq

— Transport for London (@TfL)

TfL's response to the attack on the accounts included taking down staff access to Oyster systems as well, though Londoners using ticket machines to top up at stations seem unaffected so far.

Hi Mark. Im not struggling with the contact Us page. I actually called and spoke to a lady. She said that the system is down internally too so she couldn't cancel my card either. I want to know when the system itself will no longer be under maintenance.

— Elise Maile (@e_maile)

It's not just Oyster Online that isn't working though. I called earlier only to be told the systems were down. So it's all of oyster servicing not just online. Really annoying as I need to report my Oyster card lost and transfer my credit etc.

— Dean Sharpe (@deanj89)

TfL also told us: "We will contact those customers who we have identified as being affected and we encourage all customers not to use the same password for multiple sites.”

The transport authority did not say how many users had been affected. ®

Original Submission