Cyber incident

During the course of Thursday, 19.10.2023, a cyber incident occurred in the IT systems of the WESTbahn. This incident mainly affects systems in the company's administration.

A team of experts deployed by WESTbahn took immediate steps and stopped the attack. Since the incident, the IT department has been working at full speed with the help of external support to investigate the incident in order to be even better protected against similar attacks in the future.

In the course of the incident, the attackers gained access to WESTbahn systems and we cannot rule out the possibility that data was leaked. Based on what we know so far, this could be company, employee and customer data. The WESTbahn itself does not process credit card data, as this is done by external payment service providers.

As a result of the incident, customer-related data could be misused and those affected could unintentionally become recipients of unwanted messages (e.g. spam, phishing). We therefore ask for increased caution in the coming weeks. Even if no passwords have been stolen to date, we recommend changing your log-in data for the "My WESTbahn" account as soon as possible.

If you notice any unusual activity or have any questions in connection with your "My WESTbahn" account, you can find more information in the FAQ below. You can also contact us directly by e-mail at [email protected] or by telephone on the dedicated hotline +43 1 361 0366 548.

WESTbahn has already reported the incident to the relevant authorities. We reserve the right to take further legal action.

Please note, that our train service was not affected at any time and trains are currently running as planned. Tickets can be purchased as usual through all WESTbahn sales channels and on the trains.

Changing password:

Please log out of your account and click "Forgot Password" on the login screen. After that you can change your password.


Who is behind the incident?

What data is affected by the incident?

Are the authorities informed?

When will the problem be solved?

What does the incident mean for WESTbahn customers?

Should passwords for the WESTbahn account be changed?

Who can I contact if I have further questions?