Eurail has confirmed customer information was stolen in a data breach, according to notification emails sent out this week.
The European travel company, also known as Interrail to EU residents, initially posted the news on January 10, but affected customers, the number of whom was not disclosed, began receiving emails on January 13.
While the company’s investigation is ongoing, it revealed the data potentially affected includes:
- First and last names
- Dates of birth
- Genders
- Email addresses
- Home addresses
- Telephone numbers
- Passport numbers
- Passport issuing country
- Passport expiration date
Customers who purchased a travel pass directly from Eurail/Interrail did not have a visual copy of their passports stored on company systems.
However, the same is not true for those who received a pass through the DiscoverEU program, an Erasmus-funded initiative that invites travelers to explore the EU by rail.
The European Commission published a separate notice about the Eurail breach, saying that in addition to the data specified in the company’s email, DiscoverEU travelers may also have photocopies of their IDs, bank account reference numbers, and health data compromised.
[…]
Source: Passports, bank details compromised in Eurail data breach • The Register
Robin Edgar
Organisational Structures | Technology and Science | Military, IT and Lifestyle consultancy | Social, Broadcast & Cross Media | Flying aircraft