Eurail confirms stolen traveler data is on sale in the dark web - and it still doesn't know who is behind the attack

News
By published

January 2026 Eurail breach gets worse

Train passing by
(Image credit: Future)
  • Hackers selling data stolen from Eurail’s January 2026 breach
  • Stolen info includes names, travel companion details, and possibly passport numbers
  • Bank data safe, but leaked records now offered on dark web/Telegram; phishing risk remains high

Hackers have begun selling the data they stole from Eurail in a recent cyberattack, the company has said.

Eurail is a Dutch company that sells train travel passes for European railways. Around January 10 2026, it confirmed cybercriminals accessed its servers and pulled sensitive customer information to a third-party environment.

Now, the company said it saw samples of the stolen files being offered on Telegram.

Escalating the threat

“We have become aware that the data has been offered for sale on the dark web and a sample data set has been published on Telegram,” the company said in an update posted on its website. “We are currently investigating which specific data records or how many of the affected customers this concerns.”

Even though the investigation about the nature and scope of the attack is still ongoing, the company said the data nabbed most likely includes people’s names and information regarding travel companions.

It also said that there is a possibility that passport information (numbers, country of issuance, expiry date) was grabbed but stressed that bank and credit card data remained safe. Furthermore, the company does not store visual copies of people’s passports.

We don’t know who was behind the attack, or how many customers are affected. Eurail serves millions of customers every year, and just in 2023, it sold more than 1.2 million passes worldwide.

Eurail said it notified relevant EU authorities, as required by the GDPR requirements, and that it is currently notifying other data protection watchdogs outside the EU.

In the meantime, customers are advised to remain vigilant. They are urged to be extra careful with incoming emails, especially those claiming to have come from Eurail. Cybercriminals can use the stolen data to create highly convincing phishing emails, through which they can steal corporate login credentials, or even initiate fraudulent wire transfers.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.