Eurostar Resets Passwords after Attack


Eurostar has revealed that an undisclosed number of customers may have had their accounts accessed by a malicious third party. As a result, the company have forced a password reset to keep their customers safe. However, it is yet to be revealed whether all Eurostar customers must change their password or only those who have been affected.

A Warning from Eurostar

It was revealed in a note sent to customers that the train operator had detected an “unauthorised automated attempt” to log in to some accounts. This attempt took place between 15th and 19th October 2018.

“Please be reassured that your credit card or payment details haven’t been compromised as we never store such information on eurostar.com accounts,” it continued.

“We’d recommend that you reset your Eurostar password and check for anything unusual on your account. We’d also recommend updating your login details on other websites where you use the same password.”

Keeping Customers Alert

CEO of High-Tech Bridge, Ilia Kolochenko, sent warning to users that they should monitor incoming emails, instant messages and phone calls. It was important for them to be aware of suspected phishing attempts that could include the account information that the hackers potentially have access to.

“If personal data was stolen, it can be leveraged in eye-catching spear-phishing attacks, password reuse and identity theft scam,” he explained.

The Importance of staying Secure

James Romer, the chief security architect at SecureAuth, claimed the incident brings to light how a resilience on username and password combinations can leave organisations and their customers exposed and unprotected.

“The transport industry seems to be increasingly under attack from cyber-criminals, who are looking to access the vast amount of highly valuable customer data — including passport details and payment information — held within these organizations,” he added.

“Bad actors can easily purchase stolen credentials on the dark web, which can then be used to attempt to gain access to a secure network. By utilizing advanced techniques such as automation, more accounts can be easily targeted, increasing their chances of success.”

Join us in March for IDM Europe 2019

Join us for out 6th Identity Management Europe conference to discuss key insights and trends across digital identity, the latest in IAM implementation and resilient identity infrastructure strategies. This event will review policies, processes, standards and emerging technologies utilised by government and large enterprises to unlock the potential of new services and to facilitate business growth.