Great Western Railway (GWR)
The British train company Great Western Rail suffered a security breach that affected at least 1,000 accounts out of more than a million.
Additionally, Great Western Rail notified the UK Information Commissioner's Office that impacted consumers should change the password they use to access the GWR.com portal.
Attackers attempted to access the accounts by using credentials exposed from earlier data breaches, a tactic known as credential stuffing.
The notifications notify users that, out of caution, Great Western Rail has reset all GWR.com passwords.
Source: https://securityaffairs.com/71379/data-breach/great-western-railway-hack.html
"id": "GRE350251223",
"linkid": "great-western-railway",
"type": "Breach",
"date": "04/2018",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"