Cyberattacks hit UK railway stations, terror warnings spread via hacked Wi-Fi
Several major railway stations across the UK have been hit by cyberattacks, disrupting Wi-Fi services and spreading alarming messages about potential terrorist attacks in Europe.
According to media reports, passengers attempting to log into station Wi-Fi were greeted with a message warning of a terror attack in Europe. In response, Wi-Fi services were immediately shut down at the affected stations.
UK transport officials and police are investigating a “cyber-security incident” after users of public Wi-Fi networks at 19 of the country’s largest railway stations reported being shown anti-Muslim messages.
On Wednesday evening, passengers attempting to log onto the Wi-Fi at stations, including Manchester Piccadilly, Birmingham New Street, London Euston, Glasgow Central. and several London terminuses, were met with a landing page that initially displayed the message, “We love you, Europe,” followed by an Islamophobic message listing several terror attacks.
Network Rail, the organisation responsible for managing the stations, confirmed that no passenger data was compromised, and the Wi-Fi service was immediately disabled.
"British Transport Police are investigating the incident," Network Rail said in a statement. “This service is provided via a third party and has been suspended while an investigation is under way."
The British Transport Police confirmed they were investigating reports of "Islamophobic messaging on some Network Rail Wi-Fi services."
Telent, the company providing the Wi-Fi at these stations, revealed that an "unauthorised change" had been made to the landing page from a "legitimate administrator account."
The company said the issue is now the subject of a criminal investigation.
This latest cyberattack follows a previous one in early September that targeted Transport for London (TfL), which operates the city’s buses, subways, and suburban trains.
That breach exposed customer names, contact details, and potentially bank account information, according to TfL, and is under investigation by the National Crime Agency.
A 17-year-old was arrested in connection with the TfL cyberattack, questioned, and later released on bail without charges. Weeks after the attack, TfL’s ability to provide some online services, such as refunds and real-time transit information, remains affected.