Continental rail service Eurostar has been getting in contact with customers with online accounts, requesting they reset their passwords as the company works to enhance the security of its users.
However, technical issues have resulted in users being unable to reset them or even log in to their accounts, effectively locking them out entirely.
The official email from Eurostar to customers states that in order to continue using their account, they will have to reset their passwords, followed by a link to the page where they can do this.
The problem is, following this link and commencing the process throws up this error message form the site: "Sorry, we're having a few technical problems so we can't send the email at the moment. Please try again a little later."
A potential security breach?
BleepingComputer (opens in new tab) recently tested the issue and found that it has continued to persist. Customers are understandably frustrated, with some venting their anger on social media (opens in new tab).
When customers keep trying to enter their account, they are greeted with the password reset prompt, which then results in the aforementioned technical error message, so they are trapped in this unresolvable loop and unable to access their accounts at all.
Another twitter user speculated that this error sounded like a "data breach situation", and others suspected (opens in new tab) the official email they received as a phishing scam due to the presence of the link and not addressing them by name.
> These are the best ID theft protection tools around (opens in new tab)
> Clop ransomware hackers hit a million US healthcare customers (opens in new tab)
> LastPass hacked: Should you be worried about your passwords?
This debacle follows hot on the heels of another at the railway operator, as last Friday, there were issues with Club Eurostar members having their booking disappear completely, but it assured customers (opens in new tab) that the bookings were still on its system - just not visible to users.
On this issue, the company advised (opens in new tab) "If you are unable to access your account, clear the cookies from your device and reset the password. If you are not receiving the reset password link, re-register using the same email address used for your account."
However, some customers replied to say these solutions didn't work for them, and given the more recent password reset issue, this part of the advice doesn't work either.
BleepingComputer could not confirm whether the technical issues were due to a security incident, and when they reached out for comment, a Eurostar spokesperson replied with the following statement:
"Our customers were contacted to reset their password following an update to our customer authentication system. The sudden volume of customers who attempted to do this caused some technical difficulties and we are working to resolve this as soon as possible. We apologise for any inconvenience this has caused."
- To keep your passwords up to date, here are the best password managers
