Skip to main content
Solved

data breach??

  • January 30, 2026
  • 5 replies
  • 242 views
N

I just got an email claiming to be from Eurail.  I can’t even verify it it’s legitimate and when I email Eurail they say I will get a response in one week.  Have other people received this message?  I am very concerned! I’ve copied and pasted it here.

Security incident involving your personal data
We’re writing to inform you about a security incident that occurred at Eurail B.V.. An unauthorised person gained access to part of our customer database. This means that someone outside Eurail has unfortunately been able to access certain customer details. Following the discovery, we immediately began work to further secure our systems and initiated an investigation with the support of external cybersecurity specialists. We take this matter seriously and are currently conducting a thorough investigation to determine the full scope of the issue and its potential impact on your data.

Best answer by Al_G

Yes, it is legitimate.

5 replies

A
Full steam ahead
Forum|alt.badge.img+6
  • Al_G
  • Full steam ahead
  • Answer
  • January 30, 2026

Yes, it is legitimate.

    D
    Full steam ahead
    Forum|alt.badge.img+1
    • Dagi
    • Full steam ahead
    • January 30, 2026


    I know that many people received a similar email, but already a few weeks ago. So was there another data breach?

      N
      • Ngaire Watson
      • Author
      • Rail rookie
      • January 30, 2026

      This is very concerning.  I don’t know if I should have my credit card cancelled and reissued.  There was not enough information.

      F
      • Fabz
      • Rail rookie
      • February 6, 2026

      Eurail notified me about my data being leaked at least 19 (!) days after they already knew about the data breach. I sent an inquiry email to them asking why I did not receive information any earlier. That was roughly 2 weeks ago, and I did not get any answer from them whatsoever.

        N
        • Ngaire Watson
        • Author
        • Rail rookie
        • February 7, 2026

        I think the conduct of Eurail is very poor.  I have had no follow up since sending an email.  Eurail loves everyone using their website but shows little responsibility for their customers.
        Eurail passengers data breach with

        • First and last names
        • Dates of birth
        • Genders
        • Email addresses
        • Home addresses
        • Telephone numbers
        • Passport numbers
        • Passport issuing country 
        • Passport expiration date

        The European Commission published a separate notice about the Eurail breach, saying that in addition to the data specified in the company's email, DiscoverEU travelers may also have photocopies of their IDs, bank account reference numbers, and health data compromised.

        "To our knowledge, there is currently no evidence that the data has been misused or publicly disclosed," it stated. "Eurail reassured the Commission that this is consistently being monitored by external cybersecurity specialists

        https://www.theregister.com/2026/01/14/eurail_breach/

        To say the data is not being misused is ridiculous and is no guarantee it will not be misused in the future.

        Terms and Conditions & Privacy PolicyAccessibility statement