The Eurostar company is the victim of a security hiccup which prevents travelers from resetting their account password, even though the operator obliges them to do so.
An eventful month of February for the Eurostar operator. A few days after the forthcoming announcement (scheduled for October) of its merger with the other SNCF subsidiary, Thalys (the entity will nevertheless retain its brand), the railway company is plagued by a few minor problems. computer security systems that force its customers to reset the password of their personal account. But the procedure doesn’t work.
A forced password reset that… doesn’t work
This week Eurostar, whose trains run from the UK to France as far as Belgium and the Netherlands, sent an email to its customers to force them to reset their passwords. The company justifies its approach by the need to ” to update and strengthen the security of its service.
” To continue using your Eurostar account, you will need to reset your password “, can we read in the e-mail. But there is a small problem. When users click on the reset link, they face technical issues that prevent them from completing the process or even logging into their account.
By clicking on the link supposed to direct customers to the reset, they come across this error message: ” Sorry, we’re having some technical issues, so we can’t send the email right now. Please try again later. “This is what stains.
Phishing ruled out, but a dreaded hack
Our colleagues from BleepingComputer spotted the problem on Monday. And today, Tuesday, it would still persist. We have also tried to relaunch Eurostar on this subject, but the company has not yet responded to our requests.
Thousands of customers around the world would currently have their accounts locked and unable to access them and reset their passwords. What cause some frustration. Many denounce, often in English, a phantom communication from the company, while others fear a cyberattack which would explain the problem and the silence of the firm.
This lack of communication also makes some customers fear the worst, who contact Eurostar directly, confusing the reset e-mail received with a phishing attempt, but it is indeed authentic.
However, the company has spoken well to admit having certain technical concerns attributed to the maintenance of the services. Except that the message dates from February 10, before the first password reset emails were sent. Until then, customers were reporting ” missing reservations on their account. Eurostar then advised them to delete cookies from their browser, without success. Regarding the famous e-mail sent to customers, the company is content to say that it tried to update its customer authentication system, and the procedure would have caused technical difficulties.
The last time the Eurostar company forced its customers to reset their password was in 2018. The company had just suffered a data breach.
Source : BleepingComputer
1