Northern Rail ticket machines hit by ransomware attack
Northern Rail’s new self-service ticket machines have been the subject of a ransomware attack, the rail operator confirmed this evening.
The machines were taken offline last week and the government-operated franchise has launched an investigation into the attack.
It said that no customer or payment data had been accessed by the attack, which was limited to its servers.
Passengers should use Northern Rail’s website or app to book tickets, it added, and should collect them from ticket offices if necessary.
In a statement, a spokesperson for the firm said: “Last week we experienced technical difficulties with our self-service ticket machines, which meant all have had to be taken off-line.
“This is the subject of an ongoing investigation with our supplier, but indications are that the ticket machine service has been subject to a ransomware cyber-attack.
“Working with the supplier, we took swift action and the incident has only affected the servers which operate the ticket machines. Customer and payment data has not been compromised.”
The attack, which was first reported by the BBC, comes just two months after Northern Rail installed 621 of the self-service machines across 400 stations in the north, at a cost of £17m.
Northern Rail was put under the control of the government’s “operator of last resort” last March.