Cyber vandalism on Wi-Fi networks at UK train stations spread an anti-Islam message

Pierluigi Paganini September 27, 2024

UK police are investigating a cyberattack that disrupted Wi-Fi networks at several train stations across the country.

U.K. transport officials and police are investigating a cyber attack on public Wi-Fi networks at the country’s biggest railway stations. Following the ‘cyber-security incident,’ passengers trying to log onto the Wi-Fi at several stations on Wednesday evening were displayed a page with the message “We love you, Europe,” followed by an anti-Islam message listing a series of terror attacks.

The police confirmed they are investigating reports of “Islamophobic messaging on some Network Rail Wi-Fi services.”

The Wi-Fi networks at 19 stations, including Manchester Piccadilly, London Euston, Manchester Piccadilly, Liverpool Lime Street, Birmingham New Street, Glasgow Central and several London terminuses.

Network Rail, which oversees the stations affected by the cyberattack, confirmed that the Wi-Fi service had been disabled as a precaution. Network Rail also confirmed that no passenger data was compromised following the cyber attack.

“British Transport Police are investigating the incident,” Network Rail said in a statement. “This service is provided via a third party and has been suspended while an investigation is under way.”

Network Rail’s wifi system is run by a third-party company, Telent, with the actual internet service provided by another company, Global Reach.

“Telent can confirm that the incident was an act of cyber vandalism which originated from within the Global Reach network and was not a result of a network security breach or a technical failure.“ reads a statement issued by Telent following investigations with Global Reach.

“The aim is to restore public Wi-Fi services by the weekend,” Telent added.

“The rail provider said it believed other organisations, not just railway stations, had been affected.” states the BBC.

“This service is provided via a third party and has been suspended while an investigation is under way,” a Network Rail spokesperson said.

In early September, Transport for London (TFL) suffered a cyberattack that exposed some customer names, contact details, and possibly bank account information.

Transport for London (TfL) is a local government body responsible for most of the transport network in London, United Kingdom.

The National Crime Agency investigated the security breach and the UK police arrested a 17-year-old from Walsall who is allegedly linked to the cyberattack. The attack has continued to disrupt TFL’s online services, affecting functions like refunds and real-time transit information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Wi-Fi networks)

Cybercrime Hacking hacking news information security news IT Information Security NCA Pierluigi Paganini rails station Security Affairs Security News UK Wi-Fi

Pierluigi Paganini July 14, 2025

Interlock ransomware group deploys new PHP-based RAT via FileFix

Pierluigi Paganini July 14, 2025