High-speed rail company Eurostar said it has reset customers’ log-in passwords after it discovered attempts to hack into an unspecified number of accounts.
The operator says it has notified customers whose accounts had been targeted by the hack. All users will be prompted to reset their passwords the next time they attempt to log-in on the website or app.
Eurostar has not commented on whether the attempt was successful but confirmed payment details were not compromised.
A spokesperson told the BBC: “We deliberately never store any bank card information, so there is no possibility of compromise to credit card or payment details.”
The attacks took place between 15 and 19 October. Eurostar has not said whether the source of the breach has been identified.
According to the BBC, passengers who were asked to change their passwords before the breach was disclosed had been told by Eurostar that the firm had performed maintenance on its website.
The Information Commissioner’s Office confirmed it had been told about the attacks.
The news follows a series of high-profile attacks on travel companies, with Cathay Pacific revealing that up to 9.4 million passengers were affected by a data breach and British Airways uncovering a second attack that involved full credit card details while investigating an earlier hack. Air Canada also confirmed a breach involving 20,000 accounts.
Uber was recently fined US$148 million for a 2016 data breach it had tried to cover up by paying off the hackers.