IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Bus and rail operator Go-Ahead Group confirms "cyber security incident"

The public transport giant has been tight-lipped on the nature of the supposed attack but has tasked IBM with helping it recover

UK travel company Go-Ahead Group has confirmed that its operations have been disrupted due to a “cyber incident”, threatening rush hour commuter travel.

Go-Ahead Group operates regional public transport services in the form of buses and is the Capital’s largest bus operator, managing routes on behalf of Transport for London (TfL).

According to wider reports, it’s believed that bus and driver rosters are affected by the incident and an official statement suggested this, with the Group only confirming that “that there is no impact on UK or international rail services which are operating normally”.

“Go-Ahead announces that it is currently managing a cyber security incident after detecting unauthorised activity on its network on Monday 5 September 2022,” the company said.

“Upon becoming aware of the incident, Go-Ahead immediately engaged external forensic specialists and has taken precautionary measures with its IT infrastructure whilst it continues to investigate the nature and extent of the incident and implement its incident response plans.”

Go-Ahead also said the relevant regulators had also been notified, including the UK’s Information Commissioner's Office (ICO), and that it will continue to assess the impact on its operations, providing updates via social media channels.

The company has not indicated the nature of the attack and did not reply to IT Pro’s request for further details.

Related Resource

Cyber resiliency and end-user performance

Reduce risk and deliver greater business success with cyber-resilience capabilities

Whitepaper cover with title and text, and image of pyramid cyber-resilience modelFree Download

It told The Guardian that it was working with IBM to restore the affected parts of its systems from backups and return to normal service.

In addition to serving London’s bus routes, Go-Ahead also runs bus services throughout the south of England, in the North East and North West, comprising 11% of the nation’s bus market, by its figures.

It also operates several rail services such as Great Northern, Thameslink, Gatwick Express, and Southern - part of the larger Govia Thameslink Railway network - representing 30% of all UK rail services.

Outside of the UK, Go-Ahead operates rail services in Norway and Germany, as well as bus routes in Singapore, Sweden, and Ireland. It’s currently unclear if the bus services outside of the UK are affected by the incident.

The perceived threat to critical services such as transport and energy has increased in recent times and since the Colonial Pipeline attack in the US last year.

In response, the UK government said it would update the Network and Information Systems (NIS) regulations that govern such services to ensure they are all appropriately protected from a cyber security perspective. 

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

Empowering employees to truly work anywhere

Empowering employees to truly work anywhere

22 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Why Japan finds it so hard to digitally transform
digital transformation

Why Japan finds it so hard to digitally transform

1 Dec 2022