Company Details
transport-for-london
18,421
0
8135
tfl.gov.uk
0
TRA_1067071
In-progress


Transport for London Vendor Cyber Rating & Cyber Score
tfl.gov.uk
Every day, we help millions of people to make journeys across London: By Tube, bus, tram, car, bike – and more. People don’t associate us with journeys by river, on foot or via the air, but we help with that, too. Getting people to where they need to go has been our business for over 100 years, and it shows. We’re leaders in our field, and no other city’s transport system is quite as recognisable: Red buses, black taxis, Tube trains and roundels have become icons in their own right. Our main job is to keep the city moving, working and growing but to do that, we have to listen. Constant improvements across the network are fuelled by feedback and comments from customers, as well as work within communities, representative groups, businesses and other London transport stakeholders. But our progress also depends on technology and data. With the future at our fingertips, we’ve already used it to revolutionise travel payments (think Oyster and contactless payment cards), and improved travel information. Tech and data is essential, not just to our future, but to others’: third parties use our data to power apps and services vital to customer journeys. So what’s next? As well as continuing to deliver Mayor of London, Sadiq Khan’s strategy and commitments on transport, our programme of capital investments is still one of the largest. We launched the Elizabeth line, we’re modernising services and stations and making travel safer for all.
Between 750 and 799


Description: The cyber attack on Transport for London (TfL), executed by the teenage hacker collective Scattered Spider, caused $53 million in damages and three months of operational downtime. The breach led to the potential compromise of sensitive data, including employee names, emails, home addresses, and some customer data. The attack severely disrupted TfL’s transport services, highlighting vulnerabilities in critical infrastructure. Two defendants, Thalha Jubair (19) and Owen Flowers (18), pleaded not guilty, with the trial scheduled for June 2026. The incident underscores the rising threat of cyber attacks on public services, with far-reaching financial and reputational consequences.
Description: In a targeted cyber attack on Transport for London (TfL), two teenagers, Thalha Jubair (19) and Owen Flowers (18), were charged under the Computer Misuse Act for orchestrating unauthorized acts that disrupted critical services. The attack, which unfolded over three months, severely impacted TfL’s operational infrastructure. Key disruptions included:
- Real-time Tube information becoming unreliable or inaccessible, causing commuter confusion and delays.
- Online journey history being compromised, affecting user records and travel data integrity.
- Payment systems on the Oyster app experiencing outages, hindering fare processing and potentially leading to financial inconvenience for passengers.
The prolonged disruption underscored vulnerabilities in TfL’s digital infrastructure, raising concerns about the resilience of public transport cybersecurity. While no evidence suggests data theft or ransomware demands, the attack’s operational and financial repercussions, including reputational damage and service degradation, highlighted the broader risks posed by cyber threats to essential urban services. The case remains under legal proceedings, with a trial scheduled for June 2026.
Description: Transport for London (TfL) suffered a ransomware attack in early September 2024, resulting in financial losses of £39 million. The attack was attributed to the Scattered Spider hacking group, with two teenagers (aged 18 and 19) arraigned in court for their involvement. The incident disrupted operations and led to significant recovery costs, including legal, forensic, and system restoration expenses. The trial is scheduled for June 2025, highlighting the growing threat of ransomware against critical public infrastructure. The attack underscores the vulnerability of transportation networks to cyber extortion, with broader implications for urban mobility and public trust in digital systems.
Description: In August 2024, Transport for London (TfL) suffered a cyber-attack orchestrated by suspected members of the Scattered Spider group, specifically Thalha Jubair (19) and Owen Flowers (18), who were later charged under the UK’s Computer Misuse Act. The breach compromised sensitive personal data of ~5,000 customers, including Oyster refund records with bank account numbers and sort codes. The attack disrupted TfL’s operations, incurring £30m (~$40.6m) in total costs, with £5m (~$6.7m) spent on external recovery efforts. The incident targeted critical national infrastructure, highlighting the group’s focus on high-impact extortion. Jubair alone was linked to 120+ network intrusions and $115m in ransom payments across 47 US entities, with cryptocurrency transfers (e.g., $8.4m moved during law enforcement seizures) suggesting sophisticated financial exploitation. The attack underscored the growing threat of UK-based cybercriminal syndicates leveraging social engineering to infiltrate systems, extort victims, and evade detection through minimal digital trails.
Description: In August 2024, Transport for London (TfL) suffered a cyberattack attributed to the Scattered Spider hacking collective, involving two arrested teenagers (18-year-old Owen Flowers and 19-year-old Thalha Jubair). Initially, TfL claimed no customer data was compromised, but later confirmed the breach included names, contact details, and addresses of customers. The attack disrupted internal systems, online services, and refund processing, causing millions in financial losses and operational disruptions. TfL, a critical infrastructure provider serving 8.4 million Londoners, had previously faced a 2023 Clop ransomware attack via a third-party MOVEit server, exposing data of 13,000+ customers. The 2024 incident was part of a broader campaign by Scattered Spider, which also targeted U.S. healthcare providers (SSM Health, Sutter Health) and extorted $115M+ globally from 47+ U.S. organizations. While the attack did not halt transport services, it compromised customer PII and crippled administrative functions, aligning with patterns of financially motivated cybercrime with reputational and operational fallout. The NCA linked the group to 120+ breaches worldwide, highlighting its role in large-scale extortion and fraud.


No incidents recorded for Transport for London in 2026.
TL cyber incidents detection timeline including parent company and subsidiaries



Avira antivirus vulnerabilities, Transport for London data breach affects 10 million, Gaming cheat exposes North Korean hacker.
Transport for London (TfL) has confirmed around 10 million people had their data stolen in a 2024 cyberattack, new reports have claimed.
Around 10 million people had their data stolen when Transport for London (TfL) was hacked in 2024, the BBC has discovered, making it one of...
Indra Group has won one of the largest contracts in its history. Transport for London (TfL) has awarded the company the project to operate...
Five key trends shaping the US transportation system, from AI and autonomous vehicles to funding, cybersecurity, and infrastructure...
Recent events 2023 July 4-6 UNOCT and OSCE join efforts to support Tajikistan in making their critical infrastructure and public places (“soft targets”) more...
Several London councils are believed to have been targeted in cyber-attacks within the past few days. The Royal Borough of Kensington...
Teenagers Plead Not Guilty in London TfL Cyber Attack Case. In a shocking turn of events, the two teenagers arrested in connection with the...
The UK is to investigate whether hundreds of Chinese-made buses can be controlled remotely by their manufacturer, amid increasing concerns...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Transport for London is http://www.tfl.gov.uk/about.
According to Rankiteo, Transport for London’s AI-generated cybersecurity score is 795, reflecting their Fair security posture.
According to Rankiteo, Transport for London currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Transport for London has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, Transport for London is not certified under SOC 2 Type 1.
According to Rankiteo, Transport for London does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Transport for London is not listed as GDPR compliant.
According to Rankiteo, Transport for London does not currently maintain PCI DSS compliance.
According to Rankiteo, Transport for London is not compliant with HIPAA regulations.
According to Rankiteo, Transport for London is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Transport for London operates primarily in the Non-profit Organizations industry.
Transport for London employs approximately 18,421 people worldwide.
Transport for London presently has no subsidiaries across any sectors.
Transport for London’s official LinkedIn profile has approximately 0 followers.
Transport for London is classified under the NAICS code 8135, which corresponds to Others.
No, Transport for London does not have a profile on Crunchbase.
Yes, Transport for London maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/transport-for-london.
As of April 04, 2026, Rankiteo reports that Transport for London has experienced 5 cybersecurity incidents.
Transport for London has an estimated 21,885 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include .
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. When a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
