Northern Rail reports cyber attack on self-service ticket machines

Northern Rail in the UK has reportedly shut down its new self-service ticket machines following a suspected ransomware cyber attack.

The system has been offline since last week while an investigation is conducted.

In May this year, Northern Rail installed 621 new ticket vending machines (TVMs) across its network under a comprehensive modernisation scheme.

As part of the $23.65m (£17m) scheme, the rail operator introduced modern touch-screen machines at around 420 station locations.

The installation works were carried out by Flowbird Transport Intelligence.

Northern Rail said that data related to customer and payment has not been compromised due to its ‘swift action’ with Flowbird.

The cyber attack has caused an outage to the servers that operate the ticket machines.

Northern Rail was quoted by the BBC as saying: “This is the subject of an ongoing investigation with our supplier, but indications are that the ticket machine service has been subject to a ransomware cyber attack.”

The website of the rail operator stated that the ticket machines were undergoing ‘technical difficulties’.

Passengers have been advised to buy tickets from the ticket offices or from the Northern Rail app/website for advance bookings.

The operator is currently working to have the machines up and running again soon.

Northern Rail said in a statement said: “Customers who have already bought tickets to be collected at a machine, or who would normally use ‘promise to pay’ slips, should board their booked service and either speak to the conductor or to Northern staff at their destination station.”

Last March, the UK Department for Transport (DfT) operator of last resort (OLR) started operating Northern Rail services previously managed by Arriva Rail North.

The post Northern Rail reports cyber attack on self-service ticket machines appeared first on Railway Technology.