Swiss people are apparently also affected by the data leak at the Interrail marketer Eurail.
Click to open the share function.
What happened? Interrail is a popular train ticket that allows, for example, unlimited travel in European countries for a month. Now there has been a hacker attack on the Eurail company in Holland, which is responsible for the Interrail service.
What do we know so far about the data leak? It’s not much yet. Eurail announces that customer data has been stolen. The systems were immediately secured, security gaps were closed and further measures were taken. Eurail has also informed its partners. For us it is the SBB. It is not yet known how much data was stolen. In response to a request from SRF, the SBB wrote: “Unfortunately, it can be assumed that data from Swiss Eurail customers will also be affected by the hack.” She emphasizes that no SBB customer data was stolen. The SBB records Interrail orders directly on a Eurail web portal.
Eurail data leak FAQ
What kind of data was stolen? According to initial findings, this is the data that you provide when ordering an Interrail ticket: name, address, email, birthday and passport or ID numbers. Participants in the EU program “Discover EU” may also have had copies of their ID cards, bank details or personal health information stolen. The hack affects people who have bought an Interrail or Eurail ticket (same offer for people who do not live in Europe) from Eurail or SBB. Customers who may be affected will be informed directly, Eurail writes on the homepage.
How sensitive is this for those affected? This data can be used for phishing, identity theft or hacking. So far there is no evidence that the stolen data has already been misused, published or offered for sale, says Eurail.
What should current and former Interrail customers do? Eurail points out the usual security measures in such cases:
- Change passwords for email accounts, social media and bank accounts.
- Keep an eye out for unusual debits on bank accounts.
- Be particularly vigilant and suspicious of suspicious emails, letters or calls.
- Do not respond to requests to provide personal information.
- In case of suspicion, inform the police and the bank.
Can you hack an e-banking account using your address, passport copy and IBAN number? The Federal Cybersecurity Office BACS says: “No, it is not possible to withdraw money from an account with an IBAN number and a copy of an identity card.” Theoretically, fraudsters could use the IBAN number to make payments to an online shop. But, says BACS: “You can easily complain about such fraudulent payment orders to your bank for up to a year and have them reversed.” This option is therefore not lucrative for fraudsters.
Click to open the share function.
