Great Western Railway accounts breached

A British rail operator has reset more than a million customer accounts after discovering hackers had successfully breached a small percentage of them.

Great Western Railway said that about 1,000 of its passengers’ details had been exposed.

The business – which runs trains between London, Penzance and Worcester – is part of the transport operator FirstGroup.

It said all bank information had been protected by encryption.

We have identified unauthorised automated attempts to access a small number of GWR.com accounts over the past week,

While we were able to shut this activity down quickly and contact those affected, a small proportion of accounts were successfully accessed.

The success rate of the automated logins was extremely low, suggesting any passwords used were likely harvested elsewhere,

the company added.