The Eurail data breach exposed personal information for approximately 308,777 U.S. individuals, including names and passport numbers, and may have affected customers who purchased passes through partner channels and the DiscoverEU program. Eurail detected unauthorized access in late December 2025, engaged cybersecurity experts and law enforcement, began notifying affected individuals and authorities in March 2026, and continues investigating the scope of the exposure. #Eurail #DiscoverEU
Keypoints
- Approximately 308,777 U.S. individuals had personal data exposed, including names and passport numbers.
- The unauthorized access occurred on December 26, 2025, with exposure confirmed on February 25, 2026.
- Earlier evidence of data on the dark web and Telegram suggests wider exposure of IBANs, emails, phone numbers, and health information.
- Eurail activated incident response, hired third-party cybersecurity experts, and notified law enforcement and state attorneys general.
- Affected individuals are advised to monitor financial accounts, check credit reports, and report suspected misuse to authorities.
Read More: https://thecyberexpress.com/eurail-data-breach-update/