MSE News

Eurostar customers told to reset passwords after attempted hack

Eurostar has asked customers to change their passwords following an "unauthorised automated attempt" to access customer accounts.

The railway service, which operates between Britain and Europe, has emailed customers that it has on record as having logged into their accounts between 15 and 19 October. It says if you don't remember logging in during this period, it's possible someone else was trying to access your account.

Eurostar doesn't store bank or card information on its systems, so it says that if accounts were accessed, only names and addresses could have been found.

As scams get clever, we need to too – see 30+ Ways to Stop Scams.

What is Eurostar telling customers?

The letter that Eurostar has sent to customers can be seen below:

I think I might have been affected – what should I do?

If you think you might have been affected by the attempted hack, you should follow Eurostar's advice and you reset your Eurostar password. You should also check for any unusual activity on your account.

You should update your login details on other websites where you use the same password. 

Also, watch out for phishing scams. These are a type of scam where fraudsters try to reel you in with the hope that you've got a connection to the company they're pretending to be from.

This correspondence disguises attempts to steal your passwords, bank codes and money. Often it'll ask for bank or credit card details, ask you to download files containing viruses onto your computer, or to click on a link. 

To protect yourself, don't simply assume calls and emails are genuine.

What does the information watchdog say?

An Information Commissioner's Office spokesperson said: "We've received a data breach report from Eurostar and are making enquiries."

What does Eurostar say?

A Eurostar spokesperson said: "This email was sent after what we identified to be an unauthorised automated attempt to access customer accounts. Our systems picked this up immediately and we quickly blocked access to all accounts. We have asked customers to reset their passwords as a precautionary measure.

"It's important to note that we deliberately never store any bank card information in customer accounts, so there is no possibility of compromise to credit card or payment details."