A threat actor has allegedly posted for sale the database of SNCF Connect, the online reservation and ticketing service for France’s national state-owned railway company, Société Nationale des Chemins de fer Français (SNCF). SNCF is a critical component of France’s public transportation infrastructure, managing the country’s national rail traffic, including the high-speed TGV trains. The online platform, sncf-connect.com, is a vital tool for millions of travelers, facilitating ticket purchases, journey planning, and management of loyalty programs. The alleged breach, posted on a dark web forum, claims to contain the data of over five million customers and workers.
The seller, claims the database is recent and includes a wide range of sensitive personal and financial information. The post included a sample of the data to substantiate their claims, though the authenticity of the breach has not been officially confirmed by SNCF. This incident could pose a significant risk of fraud, phishing attacks, and identity theft for the millions of individuals whose data may have been compromised.
The leaked data allegedly includes a comprehensive list of user and employee details. The fields listed for sale are:
- Customer ID
- First name
- Last name
- Email address
- Phone number
- Date of birth
- Physical address (address, postal code, city, country)
- Registration date
- Last login date
- Verification status
- Payment method ID
- IBAN
- BIC Swift
- Tax ID
- Loyalty card number