Arabic AR Chinese (Simplified) ZH-CN English EN French FR German DE Japanese JA Portuguese PT Russian RU Spanish ES Ukrainian UK

Great Western Railway accounts breached

Latest news

    GWR trainImage copyright PA
    Image caption GWR says that its customers payment card details were protected by encryption

    A British rail operator has reset more than a million customer accounts after discovering hackers had successfully breached a small percentage of them.

    Great Western Railway said that about 1,000 of its passengers’ details had been exposed.

    The business – which runs trains between London, Penzance and Worcester – is part of the transport operator FirstGroup.

    It said all bank information had been protected by encryption.

    “We have identified unauthorised automated attempts to access a small number of GWR.com accounts over the past week,” a spokesman told the BBC.

    “While we were able to shut this activity down quickly and contact those affected, a small proportion of accounts were successfully accessed.

    “The success rate of the automated logins was extremely low, suggesting any passwords used were likely harvested elsewhere,” the company added.

    Image copyright GWR
    Image caption Account holders have been sent emails to notify them of the breach

    The firm added that the decision to reset all customer accounts had been taken as a precautionary step.

    Some recipients of the alert had questioned if it was real, as the email address it had been sent from seemed unusual.

    One cyber-security expert said the incident served as a reminder that people should use a different, complex password for each online service they used.

    “In the wake of large data breaches, we often see large caches of credentials go on sale on the dark web,” commented Rashmi Knowles from RSA Security.

    “Hackers know that consumers use the same passwords for multiple accounts, and that these credentials will open doors into emails, banks, or in this case railway accounts.

    “I would suspect that is what is happening here, and that GWR accounts have been accessed by people trying their luck with stolen credentials,” said Ms Knowles.

    View the original article: http://www.bbc.co.uk/news/technology-43725640

    http://www.bbc.co.uk/news/technology-43725640

    In the same category are

    London Marathon’s long love of fancy dress Image copyright Getty Images Image caption This brave soul ran in a full suit of armour as St George in 2006, dragging a 10ft dragon For decades r...
    Two years for teen ‘cyber terrorist’ who targeted US officials Image copyright PA Image caption Kane Gamble posted the message "I own you" on one security chief's home TV A teenager who tricked his way into ob...
    Nissan to cut hundreds of UK jobs Image copyright Getty Images Image caption The Juke is one of the models made at Nissan's Sunderland plant Nissan is to cut hundreds of jobs at it...
    A philosopher rates Kanye West’s tweets Image copyright Getty Images "It's not where you take things from. It's where you take them to."We all knew Kanye West had a way with words. But ins...
    Ofcom seeks to scrap local TV roll-out Image copyright Big Centre TV Image caption Birmingham's Big Centre TV has been replaced Media regulator Ofcom has proposed scrapping the further ...
    Alfie Evans case: Supreme Court rules against parents for second time Image copyright ACTION4ALFIE Image caption Alfie Evans is in a "semi-vegetative state" in the Alder Hey Children's Hospital The parents of termina...

    Leave a comment

    Your email address will not be published. Required fields are marked *