During the course of Thursday, 19.10.2023, a cyber incident occurred in the IT systems of the WESTbahn. This incident mainly affects systems in the company's administration.
A team of experts deployed by WESTbahn took immediate steps and stopped the attack. Since the incident, the IT department has been working at full speed with the help of external support to investigate the incident in order to be even better protected against similar attacks in the future.
In the course of the incident, the attackers gained access to WESTbahn systems and we cannot rule out the possibility that data was leaked. Based on what we know so far, this could be company, employee and customer data. The WESTbahn itself does not process credit card data, as this is done by external payment service providers.
As a result of the incident, customer-related data could be misused and those affected could unintentionally become recipients of unwanted messages (e.g. spam, phishing). We therefore ask for increased caution in the coming weeks. Even if no passwords have been stolen to date, we recommend changing your log-in data for the "My WESTbahn" account as soon as possible.
If you notice any unusual activity or have any questions in connection with your "My WESTbahn" account, you can find more information in the FAQ below. You can also contact us directly by e-mail at [email protected] or by telephone on the dedicated hotline +43 1 361 0366 548.
WESTbahn has already reported the incident to the relevant authorities. We reserve the right to take further legal action.
Please note, that our train service was not affected at any time and trains are currently running as planned. Tickets can be purchased as usual through all WESTbahn sales channels and on the trains.
Please log out of your account and click "Forgot Password" on the login screen. After that you can change your password.
Who is behind the incident?
This is part of the ongoing investigations.
What data is affected by the incident?
According to current knowledge, third parties were able to gain access to company, employee and customer data stored in the WESTbahn systems in the course of the incident. The WESTbahn does not process credit card data, as this is done by external payment service providers.
Are the authorities informed?
The required information to the data protection authority was provided in accordance with the legal requirements.
When will the problem be solved?
The railway operations of the WESTbahn are running without any impairment. WESTbahn continues to work on the systems.
What does the incident mean for WESTbahn customers?
You can travel, book tickets and the trains run as planned. There is no impact on operations.
Due to this incident, customer data could be misused and those affected could unintentionally become recipients of unwanted messages (e.g. spam, phishing). We therefore ask for increased caution in the coming weeks.
Should passwords for the WESTbahn account be changed?
Even if no passwords have been stolen on the basis of what we know so far, we recommend changing your log-in data to your "My WESTbahn" account as soon as possible.