Are you a United States citizen who enjoys soaking in Europe’s picturesque scenery via a train ride? Hopefully not. Rail Europe North America (RENA), a popular travel planning company focused on selling rail tickets to American citizens, has announced news of a data security breach.

#News: #RailEurope North America (RENA), a popular #travel planning company focused on selling rail tickets to American citizens, has announced news of a #databreach. Click To Tweet

When travelers book a vacation and purchase railway ride tickets for a day of sightseeing, they must provide Rail Europe with all payment information. Information provided is just what you would expect, the full run of payment card information as well as personal information such as name, address, email address and phone numbers.

This sensitive data was collected and housed within Rail Europe’s IT infrastructure. Rail Europe has confirmed that the personal identifying information was compromised on November 29, 2017 and steadily evacuated until February 16, 2018. The attack erupted to the surface when a bank affiliated with RENA notified the company of the breach via inquiry.

“On February 16, 2018, as a result of a query from one of our banks, we discovered that beginning on November 29, 2017, through February 16, 2018, unauthorized persons gained unauthorized access to our e-commerce websites’ IT platform.”

Who Will This Data Breach Harm?

As it stands, the exact number of RENA customers is still in the air. What is confirmed is that RENA generated turnover with 5 million vacation ready Americans. Take that massive number of people into consideration along with the time window the breach occurred within and you can understand the calamity of this breach. Rail Europe is currently advising all consumers to change RENA passwords and stalk their accounts to identify any traces of fraudulent activity.

Rail Europe has also released a notice to consumers addressing the data breach. Within the notice RENA offers consumers access to identity theft protection services and simultaneously assures that there is no proof that any consumer data has been further violated. Unfortunately for Rail Europe, they have no inkling of just how few or how many accounts have been jeopardized.

What Was The Door Into Consumer PII?

Rail Europe’s webpage was infected with malware capable of scraping credit and debit cards. The malware lifted the information from the cards used for payment, meaning hackers got card numbers, expiration dates and the CVV numbers. Also, note that this malware was attached to the front end of the website, meaning it was interacting directly with consumers and directly receiving personal information and card payment data.

Rail Europe has not offered up any specifics as to just how their ecommerce was violated. However, for hackers to assemble malware on the point of sale system, it is likely they accessed a privileged account.

What RENA has done is assured the public that their compromised systems have been “replaced and rebuilt”. Some hardening tactics apart of the Rail Europe system overwork have been updating passwords and certificates related to data security.

Undetectable for Months

This data breach is damaging enough, but the breach was undetected for almost three months and that makes this breach much more dangerous. When the breach was discovered it was due to notification from a bank affiliated with the bank. Unfortunately, this suggests that the breach mitigation efforts practiced by Rail Europe were entirely uneffective.

Cyber Security Best Practices

A combination of firewalls, data policies, password regulation and many more cyber security practices are all essential to operating securely. Some companies, like RENA, may benefit from a multi-factor approach to security. The combination of biometrics and behavioral analytics create a barrier unique to the user as biometrics and behaviors are all entirely unique. Also, entry into accounts or databases is reliant upon the user’s own behaviors. In order to capture and record employee behaviors to use for security measures, employee monitoring software is deployed.  Absorb Rail Europe’s breach and how it unfolds, you may find yourself quickly looking further into extra cyber security strategies. Click below to learn more about Teramind. Insider Threat Detection