Eurail has confirmed that it was the victim of a data breach.

Eurail confirmed that attackers stole customer data and that it is now being sold on the dark web. Hackers claim to have exfiltrated roughly 1.3 TB of data from AWS S3, Zendesk, and GitLab systems, including backups containing millions of customer records. Negotiations with Eurail reportedly failed, and the attackers are threatening to publicly release all data if no buyer is found. Database samples analyzed suggest records per file range from 50,000 up to 17 million, highlighting the scale of the breach.

Read more:

https://www.securityweek.com/hackers-offer-to-sell-millions-of-eurail-user-records/