Flash News

Mexico beats South Korea, advances to World Cup knockout stage

A businessman's property was taken, three former officials in Elbasan are in prison

The Transparency Board ceases to function

With stable weather conditions, check out today's weather forecast

Rama in plenary session, protesters march towards Parliament

Bota

Alarm in Europe: 300,000 customer data allegedly sold on the dark web

Politiko 2026-04-23 18:13:08

Alarm in Europe: 300,000 customer data allegedly sold on the dark web

Hundreds of thousands of users of the Eurail and Interrail rail travel services have been affected by a major cyberattack, after which the personal data of around 300,000 customers was allegedly exposed and distributed on the dark web, The Guardian reported.

The Netherlands-based company reportedly confirmed that the stolen data included passport numbers, names, dates of birth, addresses and contact details. Some of this information is suspected to have been published on platforms such as Telegram and then offered for sale on the dark web.

Authorities in several European countries have begun issuing advance guidance to affected citizens. In the United Kingdom, the Passport Office has advised in at least one case to cancel and replace passports to avoid possible use in fraud. Similar measures have been reported in Denmark, where citizens may face additional costs for replacing documents.

The incident has caused great concern among travelers, especially those with travel plans in the summer months. Some have questioned the level of real risk and the lack of clearer guidance from institutions and the company.

"It's an absolute nightmare," said one of the affected customers, describing the uncertainty the data leak has caused.

Eurail said it was notifying affected users and urging them to increase security measures, including changing passwords and monitoring for suspicious activity. The company expressed regret for the incident but has faced criticism for its response.

Meanwhile, calls have also been raised for collective legal action under the General Data Protection Regulation (GDPR) in the European Union.

Latest news