UK-based railway service Eurostar has joined the list of cyber attack victims. The service allegedly suffered a credential stuffing attack, and Eurostar has since reset customer passwords. Investigations into the incident are currently underway.
Eurostar Reset Passwords Following Data Breach
Eurostar disclosed a security breach of its online systems in an email sent to customers. The company noticed unusual activity that prompted it to reset its customers' passwords.
Initially, the customers didn’t know what had happened. In response to a query on Twitter, Eurostar simply said maintenance was the reason for resetting passwords.
Hi. Recently we have performed maintenance on the Eurostar website and have requested that our customers reset their passwords. Sorry for any inconvenience.
— Eurostar (@Eurostar) October 23, 2018
Later, however, a Twitter user posted a copy of Eurostar's report in a tweet.
@troyhunt Eurostar seems to have been compromised. pic.twitter.com/0d9rJZp9dk
— Damien (@DamienAFC) October 30, 2018
According to the statement, the service may have suffered a credential stuffing attack. Consequently, to avoid any damage, Eurostar asked customers to reset their passwords.
“We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access eurostar.com accounts using your email address and password.”
The incident likely occurred between October 15, 2018, and October 19, 2018. After noticing the breach, Eurostar informed all customers affected by the incident. According to Eurostar, anyone who received this email and did not log into their account during that period may have had their account accessed by the attackers.
Payment Card Details Remained Safe
According to a Eurostar spokesperson:
“We deliberately never store any payment details or bank card information, so there is no possibility of those being compromised.”
At the moment, Eurostar hasn’t revealed a specific number of customers affected by the breach. However, they’re continuing with investigations. They have also informed the Information Commissioner’s Office (ICO) of the incident.