Elham Asaad Buaras
A man was arrested on September 26 following a shocking Islamophobic cyberattack that targeted the free Wi-Fi at major UK railway stations the previous day. The suspect is an employee of Global Reach Technology, which provides some Wi-Fi services to Network Rail. Passengers accessing the Wi-Fi at Piccadilly station were directed to a webpage titled “We love you, Europe”, which contained Islamophobic messages and details of several terrorist attacks in the UK and Europe.
Wi-Fi at the stations is controlled by a third-party provider named Telent, which revealed that an ‘unauthorised change’ was made to the landing page by a ‘legitimate administrator account’ for Global Reach, the provider of the Wi-Fi landing page. The Wi-Fi system was quickly taken offline, and police were called in to investigate.
Among the 19 stations affected were London Bridge, Manchester Piccadilly, and Edinburgh Waverley. The only Network Rail-managed station not affected was London’s St Pancras.
British Transport Police stated, “We received reports at around 5.03 pm yesterday of a cyberattack displaying Islamophobic messaging on some Network Rail Wi-Fi services.” Authorities are investigating the situation “at pace” and confirmed that no personal data was compromised.
The suspect is under investigation for offences under the Computer Misuse Act 1990 and the Malicious Communications Act 1988. Network Rail assured, “Given the nature of the Wi-Fi service provided, we do not believe any personal data has been impacted by the hack,” and added, “Once our final security checks have been completed, we anticipate the service will be restored by the weekend.”
Telent remarked, “We are aware of the cybersecurity incident affecting the public Wi-Fi at Network Rail’s managed stations and are investigating with Network Rail and other stakeholders.”
The recent incident follows a significant cyberattack on Transport for London (TfL) in early September, which operates the capital’s bus, underground, and suburban train systems. This attack potentially compromised the personal details of thousands of customers. Although TfL’s services continued to operate normally, the company restricted access to live travel data used by travel apps such as Citymapper and TfL Go, along with customer services related to journey history and photocard registration, as it managed the breach.
The National Crime Agency (NCA) reported that a 17-year-old boy from Walsall was detained on suspicion of offences under the Computer Misuse Act 1990 in connection with the attack on TfL’s systems. He has since been released on bail after questioning by NCA officers. As a precaution, TfL is reaching out to approximately 5,000 customers to inform them that their email and bank account details may have been accessed. This precautionary measure is particularly relevant for those who applied for refunds on journeys made using Oyster cards.
TfL said there was no date set for when passenger journeys and live travel data would be accessible again. It added, “We can assure customers that once it is available they will be able to see their full journey history and correct any incomplete journeys or maximum fares.”
