Part of the British Transport Police’s (BTP) website has been hacked, the force has confirmed.
BTP said it was made aware of “a threat to the newsroom section” of its website – hosted by an external supplier.
Exploit: Website hack
British Transport Police: National special police force charged with protecting the light-rail systems in England, Scotland, and Wales
Risk to Small Business: 2.222 = Severe: A hack on the agency’s website, which is hosted by an external supplier, compromised the “latest news” section of its page. To continue providing timely updates to the public, officials redirected users to a Tumblr blog run by the police force. This informational website is not connected to the agency’s crime management or control systems, and operational capabilities were not diminished in any way.
Individual Risk: 2.142 = Severe: The agency indicated that a “small number” of staff details were made accessible during the breach, but they did not elaborate on the nature or scope of that information. Employees affiliated with the website should be vigilant about identity monitoring and credential use, as that information is the most likely to be compromised in such a breach.
Customers Impacted: Unknown
Having a response plan is an integral part of any cybersecurity initiative. Whether it’s backup information systems or other external solutions – like redirecting users to other controlled platforms – companies need to be able to remain effective in the wake of a website hack. At the same time, they should audit their security landscape to ensure that they are issuing the best defenses to address the most pertinent threats.
1 – 1.5 = Extreme Risk
1.51 – 2.49 = Severe Risk
2.5 – 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.