Data Breaches

Hackers Offer to Sell Millions of Eurail User Records

Eurail has confirmed that the stolen data is up for sale, but it’s still trying to determine how many individuals are impacted.

Eurail data breach

European rail pass provider Eurail has confirmed that customer data stolen recently by hackers has been offered for sale.

The Netherlands-based company disclosed a data breach in mid-January, informing the public that the personal, order, and travel reservation information of customers who were issued a Eurail pass may have been compromised. Those who reserved a seat through Eurail may also be affected.

Eurail said at the time that hackers accessed systems storing basic identity and contact information, along with passport data.

In the case of individuals who received a DiscoverEU pass, compromised information can also include passport copies, health data, and bank account numbers.  

In an update shared late last week, Eurail said the stolen data is up for sale on the dark web, with sample data shared on a Telegram channel.

“We are currently investigating which specific data records or how many of the affected customers this concerns,” the company said.

Advertisement. Scroll to continue reading.

While Eurail says the data has been offered for sale on the dark web, SecurityWeek has also seen it on a surface web cybercrime site. 

The hackers claim to have stolen roughly 1.3 TB of data from AWS S3, Zendesk, and GitLab instances. 

According to the cybercriminals, the stolen data includes Eurail source code from GitLab, support tickets from Zendesk, and database backups from AWS S3. 

The hackers claim the database backups include the personal information of “millions of Eurail/Interrail customers”, including names, dates of birth, phone numbers, email addresses, postal addresses, and passport information. 

On their Telegram channel the hackers said negotiations with Eurail have failed and they plan on publicly releasing all the stolen data if they don’t find a buyer.

“If the company would like to prevent publication/sale of this data, they can resume negotiation,” they said. 

Based on SecurityWeek’s analysis, several of the database files offered for sale appear to have between 50,000 and 17 million records. 

Related: Dior, Louis Vuitton, Tiffany Fined $25 Million in South Korea After Data Breaches

Related: Dutch Carrier Odido Discloses Data Breach Impacting 6 Million

Related: Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed

Related Content

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Data Breaches

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version