- Hackers selling data stolen from Eurail’s January 2026 breach
- Stolen info includes names, travel companion details, and possibly passport numbers
- Bank data safe, but leaked records now offered on dark web/Telegram; phishing risk remains high
Hackers have begun selling the data they stole from Eurail in a recent cyberattack, the company has said.
Eurail is a Dutch company that sells train travel passes for European railways. Around January 10 2026, it confirmed cybercriminals accessed its servers and pulled sensitive customer information to a third-party environment.
Now, the company said it saw samples of the stolen files being offered on Telegram.
Escalating the threat
“We have become aware that the data has been offered for sale on the dark web and a sample data set has been published on Telegram,” the company said in an update posted on its website. “We are currently investigating which specific data records or how many of the affected customers this concerns.”
Even though the investigation about the nature and scope of the attack is still ongoing, the company said the data nabbed most likely includes people’s names and information regarding travel companions.
It also said that there is a possibility that passport information (numbers, country of issuance, expiry date) was grabbed but stressed that bank and credit card data remained safe. Furthermore, the company does not store visual copies of people’s passports.
We don’t know who was behind the attack, or how many customers are affected. Eurail serves millions of customers every year, and just in 2023, it sold more than 1.2 million passes worldwide.
Eurail said it notified relevant EU authorities, as required by the GDPR requirements, and that it is currently notifying other data protection watchdogs outside the EU.
In the meantime, customers are advised to remain vigilant. They are urged to be extra careful with incoming emails, especially those claiming to have come from Eurail. Cybercriminals can use the stolen data to create highly convincing phishing emails, through which they can steal corporate login credentials, or even initiate fraudulent wire transfers.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/4b3wzaqk9i5s3KyneeJvg7-1280-80.jpg
Source link
