Prisoner Escorts Hit by Cyberattack: Tracking Systems Fail in UK
This week, the United Kingdom witnessed a large-scale cyberattack that impacted the security and operations of several major companies, including prisoner escort services and logistics operators. The attack, which affected the technology partner Microlise, disrupted the management and tracking of transportation.
Microlise, a UK-based company specializing in fleet management solutions, experienced a significant cyber incident that caused outages across a substantial portion of its services. This led to operational disruptions for several key clients, including major partners such as DHL UK and the Nisa retail chain. However, the most severe impact was on Serco, which provides prisoner transportation under a contract with the UK Ministry of Justice.
Serco began fulfilling a £200 million six-year contract in May of this year. Under the agreement, the company is responsible for escorting around 25,000 prisoners monthly and managing several correctional facilities. However, the Microlise system failure caused the tracking devices and panic buttons in Serco’s vehicles to become inoperable. As a result, drivers were left vulnerable, with prisoner monitoring systems down for several days. Sources indicate that it took three days for drivers to be informed of the security issues.
Due to the incident, Serco’s management was forced to implement temporary safety measures. Drivers were provided with paper maps and instructed to check in with prison bases every half hour. Sources report that staff were also advised to keep their mobile phones fully charged for emergencies. The disruption of navigation and other functions complicated task execution and jeopardized personnel safety.
The cyberattack on Microlise highlights the risks of cyber threats within supply chains, which can lead to substantial real-world consequences. Kevin Robertson, COO of Acumen Cyber, noted that the attack on Microlise demonstrates how unforeseen cyberattack impacts can lead to real-life challenges. He emphasized that in Serco’s case, the inability to track prisoners’ locations poses a potential danger to society.
DHL also experienced significant repercussions from the attack, with its delivery service encountering tracking issues for the Nisa retail network throughout the week. System disruptions hampered timely notifications on deliveries to 2,500 stores across the UK. In response, DHL stated that additional measures had been implemented to minimize the impact on customers.
Microlise officially confirmed the incident, announcing that from the moment unauthorized access was detected, measures were taken to mitigate the threat and restore service functionality. Investigations revealed that some employee data had been compromised, though no client systems were breached. The company expects to have core platform functions restored by the end of the week.
The cyberattack on Microlise serves as a stark warning for the industry, underscoring the heightened risks associated with third-party providers in supply chains. Experts noted that the incident resembles a ransomware attack and emphasizes the importance of strengthening cyber resilience amid escalating threats. They suggest that such incidents illustrate the vulnerability of digital infrastructure, even when targeting auxiliary platforms.
Microlise, which serves over a thousand clients worldwide, including 88% of British grocery retailers and partners such as JCB, Hovis, and other prominent brands, has already engaged external cybersecurity specialists to assess the incident and prevent similar threats in the future.