news NSW TrainLink has announced that its online reservations system has been taken offline following a hack, and that some users’ credit card data may have been compromised.
The rail and coach brand, which is run by Transport for New South Wales, said an investigation into the breach is continuing.
The police have warned that there is a risk that the “limited credit card information” in the compromised database could be used by the hackers “in some circumstances”.
However, the database is separate from the system used to process financial transactions which is “not impacted by this event”, said NSW TrainLink.
The company explained that it is working closely with the police and financial institutions to assess the risk of the security compromise, adding that customers will be contacted if their cards have been compromised by the hack.
“NSW TrainLink has established an incident response group and is working around the clock to assess the impact of this security compromise and will keep customers updated as the situation develops,” it said in a statement at the weekend.
NSW TrainLink urged customers to be “extra vigilant” to any unsolicited requests for personal information, and to notify their financial institution if there is any unusual activity on their card.
With the online reservation system remaining closed, customers wishing to make a booking should call 13 22 32.
The company also stressed that data for the Opal card scheme is kept on a separate system and “has not been compromised”.