Transport for London says 2024 breach affected 7M customers, not 5,000
Summary
Transport for London (TfL) has revealed that a 2024 data breach impacted over 7 million customers, significantly more than the initial estimate of a few thousand. Attackers gained access to systems containing data related to Oyster and contactless payment users.
IFF Assessment
This is bad news for defenders as it represents a large-scale data exposure affecting millions of individuals, increasing the potential for identity theft and fraud.
Defender Context
This breach highlights the significant impact of unauthorized access to customer data, especially for large organizations managing millions of users. Defenders must prioritize robust access controls, continuous monitoring for suspicious activity, and comprehensive incident response plans to mitigate the fallout from such events.