Man arrested after terrorism message appears in Wi-Fi 'cyber incident' at UK train stations

A man has been arrested after a 'cyber security incident' saw the Wi-Fi at UK train stations hijacked with a terrorism message on Wednesday evening (September 25).

An investigation was launched after the log in pages for the Wi-Fi at Network Rail managed stations across the country, including at Manchester Piccadilly and London Euston, had changed to a website headlined 'We love you, Europe'.

The page contained information about terror incidents in the UK and abroad, which the British Transport Police described as 'Islamophobic messaging'. All Wi-Fi services at affected stations have been halted.

READ MORE More details emerge over Piccadilly station Wi-Fi 'cyber attack' after site 'hacked with terror message'

It was revealed that the 'act of cyber vandalism' came from within Global Reach, the provider of the Wi-Fi landing page. Communications firm Telent said 'an unauthorised change' was made to the Network Rail landing page from a 'legitimate Global Reach administrator account'.

A man, who is an employee of Global Reach Technology, was arrested on Thursday (September 26) on suspicion of offences under the Computer Misuse Act and Malicious Communications Act.

This followed an investigation by British Transport Police into the abuse of access to the Network Rail Wi-Fi services, which were impacted at 20 Network Rail stations across the UK.

"Officers received reports just after 5pm yesterday (25 September) of a breach of some Network Rail Wi-Fi services at railway stations which were displaying Islamophobic messaging. The abuse of access was restricted to the defacement of the splash pages, and no personal data is known to have been affected," a BTP spokesperson said.

"The man is an employee of Global Reach Technology who provide some Wi-Fi services to Network Rail. He has been arrested on suspicion of offences under the Computer Misuse Act 1990 and offences under the Malicious Communications Act 1988."

A Global Reach spokesperson added: “We are aware of the cyber vandalism affecting a small number of our customers’ Wi-Fi captive portals. We’ve taken immediate measures to eliminate the risk and protect our customers. We are working with the authorities to support the ongoing investigation, thus cannot go into any further details at this point in time.”