Eurail Confirms Stolen Traveler Data for Sale on Dark Web
Eurail Confirms Stolen Traveler Data for Sale on Dark Web 🚨
Eurail B.V., the operator that provides access to 250,000 kilometers of European railways, has confirmed that data stolen in a breach earlier this year is now being offered for sale on the dark web. The company reported that a threat actor has also published a sample of the data on the Telegram messaging platform. They are currently investigating the type of records and the number of customers affected.
Last month, Eurail disclosed that it suffered a data breach when unauthorized access to its customer database compromised sensitive information, including full names, passport details, ID numbers, bank account IBANs, health information, and contact details (email addresses, phone numbers). According to Eurail’s update, “We have become aware that the data has been offered for sale on the dark web and a sample data set has been published on Telegram.” They are continuing their investigation to determine exactly what data was compromised for each affected customer and will send individual notifications to those impacted.
Meanwhile, concerned data protection authorities have been notified in accordance with GDPR requirements, and authorities outside the EU will be alerted soon. Customers who may have had their information exposed in this incident should remain vigilant against potential phishing and scam attempts. Eurail advises customers to update their Rail Planner app account passwords and reset them on any other platform where they use the same credentials. Additionally, customers should closely monitor their bank account activity and report any suspicious transactions to their bank immediately.