The first response to “What do we do when our business has been hacked?” should not include, “Figure out who we blame” — or thrown under public transportation in this case. The Register reports:
The Transport for London (TfL) “cyber incident” is heading into its third day amid claims that a popular appliance might have been the gateway for criminals to gain access to the organization’s network.
TfL remains tightlipped over the nature of the incident and its broader impact, sticking instead to the line that there is currently no evidence of customer data being compromised or impact to TfL services. However, claims have emerged regarding how criminals got a foothold.
One source close to the matter told us, “The TfL hack was their Cisco VPN getting popped.”
Other reports noted that pretty much all outbound internet has been cut and inbound restricted, presumably to permit all the employees who found themselves suddenly needing to work from home to get online.
Read more at The Register.