600 Ticketing Kiosks Offline with Ransomware Attack at Northern Train.

June 1, 2022


A ransomware attack at publicly owned rail operator Northern Trains left self-service ticketing booths offline. Customers were able to continue purchasing tickets with cell phone apps, in physical ticketing booths and on the website.

"This is the subject of an ongoing investigation with our supplier, but indications are that the ticket machine service has been subject to a ransomware cyberattack. Working with the supplier, we took swift action and the incident has only affected the servers which operate the ticket machines. Customer and payment data has not been compromised." A representative for Northern Trains referred further questions on to Flowbird Transport, which provides the ticketing system in question, telling us "it's their system that's been affected."

Incident Date

July 14, 2021

Estimated Cost

No cost values disclosed.

Type of Malware

No Malware identified

Threat Source

No threat source identified