Eurostar resets customer passwords after hack attack

Eurostar train Eurostar resets customer passwords after hack attack Eurostar resets customer passwords after hack attack c37dc62e9dImage copyrightEurostar

Eurostar has reset its customers’ login passwords after detecting attempts to break into an unspecified number of accounts.

The rail service said it had notified those whose accounts had been targeted.

Other passengers will be told they have been blocked the next time they try to log in and will be asked to reset their details.

The firm declined to say whether any of the hack attacks were successful but said payment details were not affected.

“We believe this to be an unauthorised automated attempt to access customer accounts,” a spokesman told the BBC.

Credit cards ‘not compromised’

“As a result, we blocked access and asked customers to reset their passwords as a precautionary measure.

“We deliberately never store any bank card information, so there is no possibility of compromise to credit card or payment details.”

The firm said the attacks had taken place between 15 and 19 October and involved a “small number” of internet protocol (IP) addresses.

It is not disclosing whether their origin has been traced.

Customers who previously asked why their passwords had been reset had been told it was the result of “maintenance” to the firm’s website.

Skip Twitter post by @Eurostar

Hi. Recently we have performed maintanence on the Eurostar website and have requested that our customers reset their passwords. Sorry for any inconvenience.

— Eurostar (@Eurostar) October 23, 2018

End of Twitter post by @Eurostar

The Information Commissioner’s Office said it had been made aware of the incident.

“We’ve received a data breach report from Eurostar and are making enquiries,” said a spokeswoman.

Image copyrightEurostar

Under the General Data Protection Regulation (GDPR) – which came into force in May organisations must let regulators know about serious personal data breaches involving EU citizens within 72 hours of becoming aware of them or face a fine, even if they do not yet have all the details.

In recent weeks, a number of airlines have revealed they have also been targeted by hackers.

It is not clear whether any of this activity is linked.

Original Source