A man was arrested last night following a British Transport Police investigation into a cyber attack affecting the WiFi networks at stations managed by Network Rail.
The man now being questioned is suspected of committing offences under the Computer Misuse Act 1990 and the Malicious Communications Act 1988.
Network Rail said the WiFi at its 19 stations is provided by a third party and doesn’t collect personal data.
The BBC reported that passengers at Network Rail’s 19 managed stations said phone screens showed ‘dodgy’ popups and ‘bizarre security alerts’, which British Transport Police described as ‘Islamophobic messaging’, but there are no reports of related incidents on other railway computer networks.
Network Rail employs Telent to manage its station WiFi, and BTP said the man now being questioned is an employee of Global Reach Technology, a contractor of Telent.
British Transport Police added: ‘The abuse of access was restricted to the defacement of the splash pages, and no personal data is known to have been affected.’
The attack was the second this month. Transport for London is still recovering from a breach earlier in September which is thought to have compromised data on 5,000 TfL passengers, including Oyster card holders.
A drama series started on BBC1 on 15 September about a major cyber attack on railway systems. The six part series Nightsleeper is about an overnight train on the Glasgow to London route which becomes out of control.