The embarrassing IT security weak spot in the Swisscard system, which has since been fixed, was reported to the Rundschau programmeExternal link on Swiss public television, SRF, on Monday.
The information included the names of the travellers, their date of birth, the number of first- and second-class tickets purchased and the place of departure and destination.
The hacker told Rundschau that the recent attack required no specialist IT knowledge: “The sensitive data was practically public on the internet.”
The data was never made public and has been returned to Swiss Railways. The hacker said they had no criminal intent but merely wanted to expose the problem.
The Federal Data Protection Commissioner was informed of the security breach.
‘Potential for abuse’
“This is a huge meltdown for Swiss Railways,” Otto Hostettler, a journalist and author specialising in internet crime, told Rundschau. “Such data can be sold in hacker forums on the dark web. In the wrong hands it would have great potential for abuse.”
This has been demonstrated by hacks into Swiss municipal databases in recent months, including the towns of Montreux and Rolle in western Switzerland.
What factors should be taken into account when inheriting Swiss citizenship abroad?
Should there be a limit to the passing on of Swiss citizenship? Or is the current practice too strict and it should still be possible to register after the age of 25?
Switzerland steps up defence cooperation with NATO
This content was published on
On Friday, the Swiss government approved the country's participation in a Patriot missile project run by NATO's Support and Procurement Agency (NSPA).
Vaud government removes Valérie Dittli from finance minister role
This content was published on
The Vaud government announced on Friday that it had removed Valérie Dittli from her role as finance minister in the western Swiss region.
Swiss attorney general takes over suspected RUAG MRO fraud probe
This content was published on
The Office of the Attorney General of Switzerland (OAG) has taken over the criminal investigation into the case of alleged fraud at RUAG MRO, a Swiss military technology firm.
Glaciers over 3,000m can be preserved via better climate protection
This content was published on
Stronger global climate protection could preserve more than a quarter of the ice in the Swiss Alps, says the Swiss Academy of Natural Sciences (SCNAT).
Swiss UN rapporteur urges Washington to release Columbia University student
This content was published on
The United Nations Special Rapporteur on Minority Issues, Nicolas Levrat, and eight other legal experts, have called on the US to release Palestinian student activist Mahmoud Khalil.
This content was published on
Nestlé plans to close its factory in Germany at Neuss, near Düsseldorf, by mid-2026. The Swiss food giant also plans to sell its Conow plant, near the Polish border, early next year.
UBS mulls moving HQ abroad, according to media report
This content was published on
The Swiss bank UBS could relocate its Swiss headquarters abroad if capital demand is not reduced, Bloomberg News reports.
SWISS cancels flights to London’s Heathrow Airport after power station fire
This content was published on
Swiss International Air Lines (SWISS) says it has cancelled all flights from Geneva and Zurich to Heathrow Airport on Friday following a huge fire at a power sub-station.
Swiss government to deport rejected asylum seekers from Afghanistan
This content was published on
The State Secretariat for Migration (SEM) is changing its asylum policy for Afghanistan. Single men with rejected applications can now be deported.
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.
Read more
More
Hackers target the Swiss town of Montreux
This content was published on
Hackers have carried out a cyber attack against databases belonging to the Montreux authorities in southwestern Switzerland.
Successful hacking group targets Swiss towns, companies, hospitals
This content was published on
A group that hacked a Swiss town and posted datan on the Darknet has threatened to target other municipalities, companies or hospitals.
You can find an overview of ongoing debates with our journalists here . Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.