What began as a January disclosure about unauthorized database access has grown into a full-scale identity theft crisis after attackers listed millions of European rail travelers' sensitive records on criminal marketplaces.

Eurail B.V. confirmed on February 13, that customer data compromised in an earlier security breach is now being offered for sale on the dark web, with a sample dataset also published on Telegram. The escalation transforms a data breach disclosure into an active identity theft emergency for potentially millions of European travelers.

Who Were Impacted in Eurail Breach

The incident impacted all customers issued a Eurail pass, as well as those who made seat reservati...