- Hackers selling data stolen from Eurail’s January 2026 breach
- Stolen information includes names, travel companion details and possibly passport numbers
- Bank data secure, but leaked records now offered on dark web/Telegram; the phishing risk remains high
Hackers have started selling the data they stole from Eurail in a recent cyber attack, the company has said.
Eurail is a Dutch company that sells train travel cards for European railways. Around January 10, 2026, it confirmed that cybercriminals accessed its servers and pulled sensitive customer information into a third-party environment.
Now the company said it saw samples of the stolen files being offered on Telegram.
Escalation of the threat
“We have become aware that the data has been offered for sale on the dark web and a sample dataset has been published on Telegram,” the company said in an update posted on its website. “We are currently investigating which specific data records or how many of the affected customers this relates to.”
Although the investigation into the nature and scope of the attack is still ongoing, the company said that the data that was captured most likely includes people’s names and information about travel companions.
It also said there is a possibility that passport details (numbers, country of issue, expiry date) were seized, but stressed that banking and credit card data remained secure. Furthermore, the company does not keep visual copies of people’s passports.
We do not know who was behind the attack or how many customers are affected. Eurail serves millions of customers every year, and just in 2023 it sold more than 1.2 million cards worldwide.
Eurail said it notified relevant EU authorities as required by GDPR requirements and is currently notifying other data protection watchdogs outside the EU.
In the meantime, customers are advised to be vigilant. They are encouraged to be extra careful with incoming emails, especially those claiming to be from Eurail. Cybercriminals can use the stolen data to create highly convincing phishing emails through which they can steal company login credentials or even initiate fraudulent bank transfers.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
