Staff details leaked in British Transport Police website hack

Attackers steal personal information after taking down the website’s newsroom section

The news section on the British Transport Police's website

The email addresses and phone numbers of British Transport Police (BTP) staff have been leaked after hackers compromised the newsroom section of the police force's website.

The BTP confirmed it was recently "made aware of a cyber security threat" to its website, which is hosted by an external supplier, and have entirely suspended its newsroom section as a precaution. This has been replaced with a Tumblr feed while investigations ensue.

Although BTP did not provide a timeline of the attack, the earliest post on this makeshift news feed dates back to Monday 13 May, with the rest of its archive appearing blank.

"The Force has worked closely with the National Cyber Security Centre, the National Crime Agency and the external supplier to understand the nature of the threat and if there has been any compromises," a spokesperson said.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"This system has no affiliation with the Force's crime management or command and control systems and has not compromised the Force's operational capabilities. All the relevant authorities have been notified of this incident.

"BTP is supporting an ongoing investigation being coordinated by the National Crime Agency and the National Cyber Security Centre and is working to restore the latest news section as soon as possible."

Although the hack was first thought to have targeted just the news section, early investigations have revealed a "small number" of employee's BTP emails and telephone numbers were exposed.

The National Cyber Security Centre (NCSC) told IT Pro its staff are aware of a cyber incident affecting the BTP and are working with them and law enforcement partners to advise on measures to mitigate the effects.

The NCSC also corroborated the BTP's claim that the incident only affected its newsroom section, and posed no threat to either its crime or command and control systems.

IT Pro approached the Information Commissioner's Office (ICO), which confirmed it will assess information around the hack provided by the BTP.

Advertisement - Article continues below

It is not yet clear whether hackers had specifically targeted BTP, or whether its supplier had been caught up in a non-targeted cyber attack.

But malicious actors previously did strike the computer systems of the Police Federation of England and Wales (PFEW) earlier this year in what appeared to be a random cyber attack.

The association body representing near-120,000 police officers was able to contain the attack to just its Surrey headquarters and prevent it from spreading to its 43 individual branches across the country.

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/mobile/28299/how-to-use-chromecast-without-wi-fi
Mobile

How to use Chromecast without Wi-Fi

5 Feb 2020
Visit/policy-legislation/data-protection/354814/google-to-shift-uk-user-data-to-the-us-post-brexit
data protection

Google to shift UK user data to the US post-Brexit

20 Feb 2020
Visit/operating-systems/27717/how-to-fix-a-stuck-windows-10-update
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020
Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

10 Feb 2020