The company, an important provider of UK bus services and London’s biggest operator, said it became aware of a fault on its server late on Sunday and was working hard to keep buses running without disruption. The issues became more widespread on Monday, affecting several back office systems, including bus services and payroll software. Go-Ahead said it was working with IBM to activate backup systems to ensure its bus services can keep running. The cyberattack does not affect its rail business, which runs on separate systems and is operating normally in the UK and abroad. A spokesperson said: “We’re doing everything possible to ensure services continue without interruption but if services are affected we’ll inform our customers using social media.” Go-Ahead runs Great Northern, Thameslink, Gatwick Express and Southern rail and also operates rail services in Norway and Germany. It runs nearly a quarter of London’s buses as well as bus services in southern and eastern England, and also has bus contracts in Singapore, Sweden and Ireland. The company has informed regulators of the attack, including the Information Commissioner’s Office in the UK. In June, Go-Ahead accepted a £650m takeover offer from a consortium of the Australian bus operator Kinetic and the infrastructure specialist Globalvia. It is the latest British transport company to become a takeover target, along with Stagecoach and FirstGroup. The deal is expected to be completed in October if shareholders accept the terms. Cyberattacks on governments, companies and other organisations have multiplied in recent years. Doctors have been forced to take care notes with pen and paper after a recent cyberattack on an NHS supplier, the software and services provider Advanced. Two years ago, easyJet admitted the personal information of 9 million customers was accessed in a “highly sophisticated” cyberattack on the airline, one of the biggest to affect any company in the UK. British Airways was fined £183m in July 2019 after hackers stole the personal information of half a million customers. In the same month, the hotels group Marriott was fined £99.2m for a breach that exposed the data of 339 million customers worldwide. Banks and telecoms companies have also been hacked in recent years.
