Eurostar makes customers reset passwords after suffering data breach
The company said usernames and passwords were stolen, but not payment information
All Eurostar customers have been directed to reset their passwords after a massive data breach potentially affecting all of its customers.
However, the company was quick to tell anyone who had used the company's online booking service or its website that their payment details were not compromised because the firm doesn't store that information online.
Eurostar said it was a victim of criminal activity that resulted in the theft of data including user emails and passwords between 15 and 19 October. The company sent an email to customers on Tuesday warning them of the hack and instructing them to keep an eye on their accounts for any unusual activity.
Eurostar also advised the Information Commissioner's Office (IOC) about the breach as soon as it became aware of the issue, as per the new GDPR guidelines. The organisation said it has received Eurostar's report and was investigating into the breach, as per protocol.
"This email was sent after we identified what we believe to be an unauthorised automated attempt to access customer accounts, so as a precaution, we asked all account holders to reset their password," a Eurostar spokesperson said." We deliberately never store any payment details or bank card information, so there is no possibility of those being compromised."
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now