UPDATED Data Security Incident affecting DiscoverEU travellers European Youth Portal

pLast updated on Tuesday 13012026ppDear DiscoverEU travellers We regret to inform you that a personal data breach has occurred in the IT systems of our DiscoverEU supplier Eurail BV that may affect your personal information Protecting your data is of crucial importance to us We are committed to act in full transparency about this situation and we will take all measures at our disposal to minimise the impact of the incidentppUpdate On behalf of the European Commissions DirectorateGeneral for Education Youth Sport and Culture and the European Education and Culture Executive Agency EACEA Eurail has contacted potentially affected DiscoverEU participants ppThe Commission was informed that Eurail BV experienced a security breach within their IT systems This breach resulted in unauthorised access to Eurail BV data including personal data of participants in the DiscoverEU action financed under the Erasmus programme The European Commission takes this matter very seriously An investigation to determine the full scope of the incident with Eurail BV and its potential impact is ongoingppAccording to Eurail BV the identity and exact number of persons affected is unknown at this stage ppThe Commission is closely following the ongoing investigation and working to ensure that all possible measures to mitigate the incident are takenppThe personal data affected may include data that you have provided where applicableppTo our knowledge there is currently no evidence that the data has been misused or publicly disclosed Eurail reassured the Commission that this is consistently being monitored by external cybersecurity specialists ppHowever as a result of this incident possible consequences for you may includeppEurail BV has taken the following steps to address the incident and reduce any potential impactppThe general recommendations in data breach cases are the followingppDG EAC is the primary contact point for affected users of DiscoverEU at the following email address  EACDiscoverEUSecurityeceuropaeuppThe European Data Protection Supervisor was notified about the personal data breach in accordance with the European Commissions obligations under the applicable data protection legislation ppWe will keep you posted with updates on the incident on this website as information becomes availableppWe sincerely regret any inconvenience or concern this may cause and remain fully committed to protecting your personal datappDiscoverEU users have the right to address the Data Protection Officer of the European Commission if they consider that their rights as data subject which they have exercised with DG EAC are not being fully respectedppName of the Data Protection Officer Michelle SUTTONppEmail DATAPROTECTIONOFFICEReceuropaeupp ppFor more information consult this list of Frequently Asked Questionspp ppThe European Youth Portal provides EU level information and opportunities for young people and youth stakeholdersppppIcons made by Freepik and Smashicons from flaticoncomp