Transport for London (TfL) staff have been asked to consider working from home on Tuesday as the transport body faces an ongoing cyber attack, the PA news agency understands.
It is mainly the organisation’s corporate headquarters at Palestra House, Southwark, thought to be affected.
Employees have been told to work from home if that makes it easier to do their role due to mitigations implemented in offices.
There has been no impact on the transport network and no evidence that customer data has been accessed.
In a statement on Monday night, Shashi Verma, TfL’s chief technology officer, said: “We have introduced a number of measures to our internal systems to deal with an ongoing cyber security incident.
“The security of our systems and customer data is very important to us and we will continue to assess the situation throughout and after the incident.
“Although we’ll need to complete our full assessment, at present, there is currently no evidence that any customer data has been compromised.
“There is currently no impact on TfL services, and we are working closely with the National Crime Agency (NCA) and the National Cyber Security Centre (NCSC) to respond to the incident.”
A spokesperson for the NCA said: “We are aware of a cyber security incident involving Transport for London, and are working closely with the National Cyber Security Centre and with TfL itself to respond to it.
“The investigation is ongoing, and we are unable to comment further.”
William Wright, chief executive of cybersecurity company Closed Door Security, said: “The big question people will also want to know is who carried out the attack and if it can be attributed to another country, like Russia.
“TfL was also attacked by Russia last year, so it definitely isn’t out of the realms of possibility.
“Furthermore, given Russia’s recent uptick in attacks on the West, it wouldn’t be surprising, but it is far too early to speculate.”
TfL was targeted by Russian hackers in June last year as part of a wider raid that saw personal information stolen.