British Train operator ‘Great Western Railways’ has confirmed that it was subjected to a cyber attack a fortnight ago in which few of the customer passwords could have been compromised. However, the company claimed that the success rate of the automated cyber attack was extremely low and reassured that no financial information was compromised.
Great Western Railways(GWR) is a UK based transport firm owned by FirstGroup. The railway service manages over 197 stations and has a trained strength of over 270.
Last week, the company is said to have conducted an investigation on its CWR.com database and found that it was targeted by hackers who siphoned of with over 1000 password from the overall customer strength of more than one million. The security staff believes that the hackers used the passwords elsewhere as a result of which the system holding customer data wasn’t compromised.
As no usable bank data is stored on the GWR website, the train operator confirmed that the leakage of bank details couldn’t have occurred.
A UK news resource confirmed that the leaked passwords are now available on the dark web where interested cybercrooks make a bid to grab those passwords to later use them for malevolent purposes.
Hence, the security experts at the GWR are advising the customers to change their passwords as soon as possible. The company has also taken steps to isolate its database from future cyber threats.
It will contact all the affected 1000 customers via email and insists to other customers to change their passwords with more secured ones which include alpha-numeric characters along with a special symbol.