Telematics giant Microlise has suffered a cyberattack that has disrupted critical tracking systems, impacting prison transport and courier services across the UK.

The breach has affected tracking software provided to outsourcing company Serco, which utilizes the technology to monitor prisoner movements and ensure employee safety. The attack temporarily disabled panic alarms and tracking in Serco’s prison vans, which transport detainees under the Ministry of Justice’s oversight, as well as tracking services for logistics provider DHL’s delivery fleet.

The software disruption was confirmed last week when Microlise informed the London Stock Exchange of the incident. While the company initially refrained from specifying customer impact, it issued an update on Wednesday, revealing that attackers may have accessed some employee data, although customer systems remain uncompromised.

“Investigations into the incident are continuing, however, the Company is confident that no customer systems data has been compromised. The investigations to date have identified that some limited employee data has been impacted by the incident,” the company wrote.

Serco, one of Microlise’s key clients, was forced to implement emergency contingency measures, advising staff to check in with dispatch centers every 30 minutes and use traditional navigation methods, including paper maps.

The contingency plan also requires mobile devices to stay charged in case of emergency needs. Serco personnel were notified that vehicle tracking, panic alarms, navigation, and estimated arrival notifications were disabled due to the attack.

Microlise said that the efforts to restore services are ongoing, with full functionality expected to resume by the end of next week.