- The firm reportedly detected unauthorized entities attempting to access user accounts in mid-October.
- Eurostar said that customers payment card details were not compromised by the breach.
Eurostar suffered a data breach that may have compromised users’ accounts. The firm has initiated password resets for all customer accounts as a precautionary measure. Eurostar reportedly detected unauthorized entities attempting to access user accounts in mid-October.
The firm said that the cybercriminals behind the attack used Eurostar account holders’ usernames and passwords to infiltrate systems. This indicates that the hackers were either using stolen credentials or had somehow managed to gain access to users’ account credentials.
It is still unclear as to how many users have been affected by the breach and whether the attackers succeeded in exfiltrating any sensitive corporate or user data. Eurostar said that customers payment card details were not compromised by the breach.
"We have taken this action as a precaution because we identified what we believe to be an unauthorized automated attempt to access eurostar.com accounts using your email address and password," Eurostar told customers in a notification, the Telegraph reported. "We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log in during this period, there's a possibility your account was accessed by this unauthorized attempt."
The firm said that it has reported the breach to Information Commissioner's Office - UK data security and privacy watchdog. The ICO confirmed having received a data breach report from Eurostar, adding that it was investigating the matter, the Telegraph reported.