Rail Europe SAS (France)
ln mid-2017, thru PHP code injection, an attacker was able to gain access to Organization?s front-end web servers and install spyware in order to collect data entered by customers on the Organization?s website. The data encryption in place between the Organization?s web browsers and servers did not protect the customer information from the attacker due to the method of attack. The incident occurred between June 15, 2017 through February 16, 2018. The incident was discovered on February 16, 2018, as a result of queries from one of the Organization?s banks. The Organization undertook an investigation of its ecommerce websites, which are used to purchase rail passes for use in EU countries, and engaged two forensic analysis and security auditing firms to investigate the possible incident.