Ten London train stations were hit by a cyber attack which showed “Islamophobic” messaging on Network Rail Wifi services, according to police.
Nineteen stations across the UK have been affected in total, with only St Pancras not impacted. Those in London are Euston, King’s Cross, London Bridge, Charing Cross, Cannon Street, Liverpool Street, Paddington, Clapham Junction and Waterloo in London.
In a statement, the British transport police said it had received reports at around 5:03 pm yesterday of “a cyber-attack displaying Islamophobic messaging on some Network Rail Wi-Fi services.
“We are working alongside Network Rail to investigate the incident at pace.”
Other stations impacted include Manchester Piccadilly, Leeds City, Liverpool Lime Street, Reading and Bristol Temple Meads.
A Network Rail spokesperson said: “We are currently dealing with a cyber security incident affecting the public Wi-Fi at Network Rail’s managed stations. This service is provided via a third party and has been suspended while an investigation is underway.”
The incident comes less than a month after Transport for London (TfL), the body operating London’s transport network, was hit by a major cyber security incident in which some customers bank details were stolen. A 17-year old teenager has been arrested in connection with the attack.
Telent, the third-party provider of Network Rail’s wifi, told the PA News agency it was also investigating the incident.
“We are aware of the cybersecurity incident affecting the public wifi at Network Rail’s managed stations and are investigating with Network Rail and other stakeholders,” it said.
“We have been informed there is an ongoing investigation by the British Transport Police into this incident, so it would not be appropriate to comment further at this stage.”
Adrianus Warmenhoven, a cybersecurity expert at NordVPN, said the attack was a “stark reminder” that public Wi-Fi can be a “playground for cybercriminals.”
“Unsecured public networks in busy areas are easy pickings for hackers and the incident highlights the need for heightened vigilance when using these services — which can be more vulnerable to cyberattacks.”