JetBlue sued over claims it uses customers’ personal data to set ticket prices
JetBlue faces lawsuit over claims of using personal data to set ticket prices.
The Guardian World1 min read
Some Interrail travellers told to cancel passports as hacked data posted online
TL;DR
Over 300,000 European Interrail travellers are advised to cancel their passports after personal data was leaked on the dark web. The breach has caused significant distress and financial burden for those affected.
Key points
- Over 300,000 European travellers' data was hacked
- Personal data includes passport numbers and addresses
- Eurail confirmed data is for sale on the dark web
- UK Passport Office advises customers to cancel passports
- Replacement passport fees can exceed £200
Mentioned in this story
EurailUK Passport OfficeEuropeDenmark
Holidaymakers across Europe are facing the stress and expense of getting new passports after their personal data was posted on the dark web after a hack of the Interrail company Eurail.
Personal data, including passport numbers, names, phone numbers, email and home addresses and dates of birth of more than 300,000 European travellers was accessed in December. But this week Eurail revealed to customers that “data copied during the security incident has been offered for sale on the dark web and a sample dataset has been published on Telegram”.
The announcement has led to renewed anger and confusion. The UK Passport Office has told at least one customer they needed to “cancel their passport to prevent it being used for fraudulent activity”, with the Home Office agency also indicating they needed to pay the full £102 fee for a replacement.
Another affected customer in Denmark said they had been obliged to cancel their passport, with a replacement likely to cost more than £200.
“Its an absolute nightmare,” said one customer who had her details hacked, as did another member of her holiday group that travelled from Penzance to Naples last summer. She said the news that the data was for sale on the dark web “did freak me out”, and she was worried about getting a new passport in time for her summer travel plans.
“I genuinely have no idea how serious this is,” she said, requesting anonymity. “Do I really need to spend my money doing all this? No one wants to spend £100 when they don’t have to. If the official advice is to get a new passport, there does need to be some sort of compensation.”
Eurail is the Dutch company that sells Interrail passes that people use for holidays across Europe. A seven-day pass allowing rail travel in 33 countries from the northern tip of Norway to the southern shores of Turkey costs €286 for people aged up to 28, €381 for 28- to 59-year-olds and €343 for people 60 and over. Two children under 12 can travel free with an adult.
Gerard Tubb, 64, a former broadcast journalist from Yorkshire who had bought Interrail tickets to travel with his wife to the south of France last year, had his data stolen. He said: “The concern is what can people do with that amount of information. It seems an awful lot – everything to persuade someone they are me.”
Eurail told affected customers this week to “remain extra vigilant for unexpected or suspicious phone calls, emails, or text messages asking for personal information” and to update the password they use to access the Rail Planner app and change email, social media and banking passwords.
“We take the security of your data seriously and regret any concern this incident may cause,” it said.
Q&A
What personal data was leaked in the Eurail hack?
The leaked data includes passport numbers, names, phone numbers, email and home addresses, and dates of birth of over 300,000 travellers.
Why are Interrail travellers being told to cancel their passports?
Travellers are advised to cancel their passports to prevent potential fraudulent use of their personal information that was compromised in the hack.
How much does it cost to replace a passport after the Eurail data breach?
The cost to replace a passport is approximately £102 in the UK, while in Denmark it could exceed £200.
What actions are being taken by Eurail regarding the data breach?
Eurail has informed customers about the data being offered for sale on the dark web and has prompted them to take necessary precautions, including passport cancellation.
