This'll quickly get OT, not least as the list of potential exploits is
long.
That said, one of the most obvious flaws is pretty much laid out in the statement you're questioning.
There's zero worthwhile authentication of the sender. Bad. If the recipient fax is on the PSTN then potentially anyone can fax stuff to it. Worse. Now add the ease with which those of malign intent can spoof their apparent sending number to give false assurance or get past filters. Worse again. So that's a system which is very obviously open to being compromised.
At the other end of the exotic exploits spectrum, traditional fax is just sending an unencrypted analogue signal formatted according to a public domain standard over some primitive cables. There's all sorts of things you can do to that on its journey from source to sink if you can get proximity to relevant cables somewhere and, crucially, can really be bothered.
However, as we're not talking state secrets or even safety critical train stuff, who's going to do any of that? You'd need a lot of inside knowledge and to go to a lot of effort just to, if you're lucky, send some train drivers on a mildly comical wild goose chase for a bit. If it was a Sunday, the service might be improved if the diagrams/timetable/whatever for the three drivers who've been bribed into working were replaced with a random number generator!
The story doesn't seem to stack up anyway if the debunking by insiders here is sound. Even if it did, it hasn't been jumped on for its own significance. Rather it's because it's emblematic of how the overall institution still makes like it's 1976 in many ways. All the while it continues to hoover up ever vaster amounts of taxpayer wad and simultaneously badly fails to deliver on its promises like... a decent approximation to the timetabled service 7 days a week.