Eurail Stolen Traveler Data Offered for Sale on Dark Web

What happened

Eurail B.V. confirmed that traveler data stolen in a recent breach is now being offered for sale on the dark web, with threat actors also publishing sample records on Telegram. The breach involved unauthorized access to Eurail’s customer database, exposing sensitive information including full names, passport details, ID numbers, IBAN bank account numbers, health information, email addresses, and phone numbers. 

The company is still investigating the scope of the incident and determining how many customers were affected. Eurail has notified data protection authorities and plans to individually notify impacted customers once the investigation concludes. 

Who is affected

Customers of Eurail B.V. and Interrail whose personal and travel-related information was stored in Eurail’s customer database are affected, as their sensitive identity, financial, and contact details were exposed and are now being offered for sale online. 

Why CISOs should care

The exposure of passport details, financial identifiers, and personal data through a breached travel platform highlights risks associated with centralized customer databases that store high-value identity and financial information. 

3 practical actions

• Investigate customer database access logs. Review access activity to identify unauthorized data access and determine breach scope. 
• Notify affected customers and regulators. Eurail has informed data protection authorities and plans direct notifications to impacted users. 
• Monitor exposed customer data. Track leaked datasets and detect potential misuse of compromised identity and financial information.