Arriva’s Data Breach: What You Need to Know and How to Protect Yourself

Estimated read time 2 min read

In the latest Dutch data breach episode, Arriva, a major transport company, has experienced a data breach affecting 195,000 customers. The leak includes sensitive information such as names, email addresses, phone numbers, and birth dates.

Quick Facts: The Arriva Data Breach

Before diving into the details, let’s quickly summarize the key points of this breach:

Date of DiscoverySeptember 19, 2023
Type of Data LeakedNames, email addresses, phone numbers, birth dates
Affected Customers195,000
Point of EntryContact form on the Arriva website
Action TakenContact form offline, affected customers notified

The Discovery of the Breach

On September 19, 2023, Arriva acknowledged a data breach1 affecting a specific section of their website, the contact form. An ethical hacker informed them about the vulnerability via email, without making any demands or threats.

Ethical Hacker’s Role

The hacker’s intentions remain unknown, however, Arriva asserts that the hacker made no demands2, thus presenting themselves as an “ethical hacker” who was merely bringing the security lapse to the company’s attention.

Immediate Measures Taken by Arriva

After discovering the breach, Arriva took immediate action. They temporarily took down the affected contact form and began an investigation to assess the extent and nature of the data leak. Security measures have since been reinstated.

Customers Notified

Arriva has personally notified all 195,000 affected customers about the incident. They have provided information on the type of data that was compromised and steps to take for further protection.

What Can You Do?

If you’re one of the affected customers, it’s essential to stay vigilant. We recommend changing your passwords and keeping an eye on your accounts for any suspicious activity.

Change PasswordsPrevent unauthorized access
Monitor AccountsDetect any irregular activities
Enable 2FAAdd an extra layer of security

The Arriva data breach serves as yet another wake-up call about the vulnerabilities that exist in the cyber world. While the company has taken steps to address the issue, it is a reminder for all of us to be proactive in safeguarding our data.

Will we see stricter regulations on data protection in the transport sector? Only time will tell. For now, all we can do is remain vigilant and proactive in protecting our personal information.

  1. ↩︎
  2. ↩︎
Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author

+ There are no comments

Add yours