Categories: CloudSecurity

Great Western Railway Resets Passwords After Hackers Access Accounts

Great Western Railway has reset the passwords for all its more than one million online users to after hackers accessed about 1,000 accounts.

The hack involved the use of duplicate passwords that the hackers acquired elsewhere, GWR said.

The company said no usable bank information would have been leaked as such data is encrypted on its systems.

GWR, which runs trains between London, Penzance and Worcester, is part of the FirstGroup transport operator.

Automated hacks

The attack involved “automated attempts” to access accounts, which had an “extremely low” success rate, GWR said.

“While we were able to shut this activity down quickly and contact those affected, a small proportion of accounts were successfully accessed,” the company said in a prepared statement. “The success rate of the automated logins was extremely low, suggesting any passwords used were likely harvested elsewhere.”

In an email to users who weren’t affected, GWR said it had reset their passwords “as a precaution”.

“You should use a unique password for each of your accounts for maximum security, and we recommend you review all your online passwords and change any that are the same,” GWR said in the email.

Hundreds of millions of usernames and passwords have been acquired by hackers in website breaches over the years, and such information is sold online. Hackers then use the data on other sites, where accounts may be vulnerable if users reused passwords.

“This kind of attack uses account details harvested from other areas of the web to try and catch out consumers with poor password habits,” GWR stated. “Sadly, it is the kind of attack that is experienced on a daily basis by businesses across the globe, and is a reminder of the importance of good password practice.”

Rashmi Knowles of RSA Security said the problem was the result of a number of large data breaches.

“I would suspect… that GWR accounts have been accessed by people trying their luck with stolen credentials,” she said in an advisory.

GWR said it has emailed the users of the accounts that were accessed and has also contacted its other online account holders, asking them to verify that they’re not using duplicate passwords, and if so to change them.

GWR said it encrypts any financial data held on its site, meaning hackers should not be able to use anything they may have found.

“Our security systems mean that financial information is encrypted to the high standards customers would expect, and no unencrypted bank card information is stored in GWR.com accounts,” GWR said.

Do you know all about security? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

2 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

3 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

4 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

5 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

8 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

8 hours ago