Security researchers found multiple vulnerabilities on Eurostar platform
- Pen Test Partners found flaws in Eurostar’s AI chatbot, including weak validation and HTML injection
- Eurostar says customer data was never at risk; vulnerabilities have since been mitigated
- Palo Alto warns rapid AI adoption expands cloud attack surfaces via misconfigurations and non‑human identities
Eurostar's recently introduced AI-powered customer support chatbot was marred by cybersecurity vulnerabilities that opened the door to a multitude of potential risks, experts have warned.
Researchers at Pen Test Partners discovered the chatbot properly validated only the most recent messages in a conversation, meaning older messages could be altered to contain a malicious prompt. That prompt could be virtually anything, from revealing system information, to (possibly) exfiltrating sensitive customer data.
Luckily, Eurostar did not connect its customer information database with the chatbot, so at the time of discovery, there was no direct risk of data leakage happening.
"Customers were never at risk"
The experts found other weaknesses in the system as well, including conversation and message IDs that weren’t properly verified, and an HTML injection flaw that enables running JavaScript directly in the chat window.
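As an added illustration (not code from Eurostar or Pen Test Partners), the sketch below contrasts checking only the newest message with checking every message in the history, and escapes chatbot output before it reaches the chat window. The HMAC tagging scheme, the key and all function names are assumptions made for this example, and the conversation is constructed sample data.

```python
import hashlib
import hmac
import html
import json

SERVER_KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent to the client


def sign_message(conv_id, index, role, text):
    """Tag binds the text to its conversation ID, position and role."""
    payload = json.dumps([conv_id, index, role, text]).encode()
    return hmac.new(SERVER_KEY, payload, hashlib.sha256).hexdigest()


def _valid(conv_id, index, msg):
    expected = sign_message(conv_id, index, msg["role"], msg["text"])
    return hmac.compare_digest(expected.encode(), str(msg.get("sig", "")).encode())


def validate_latest_only(conv_id, history):
    """Weak pattern: only the newest message is checked."""
    return bool(history) and _valid(conv_id, len(history) - 1, history[-1])


def validate_full_history(conv_id, history):
    """Hardened pattern: every message must carry a valid tag for its slot."""
    return bool(history) and all(_valid(conv_id, i, m) for i, m in enumerate(history))


def render_reply(text):
    """Escape model output before it is placed in the chat window's HTML."""
    return html.escape(text, quote=True)


def make_history(conv_id, turns):
    return [{"role": r, "text": t, "sig": sign_message(conv_id, i, r, t)}
            for i, (r, t) in enumerate(turns)]


def demo():
    # Constructed sample conversation; an older message is then altered client-side.
    history = make_history("conv-A", [("user", "When is the next train?"),
                                      ("assistant", "See the timetable page."),
                                      ("user", "Thanks")])
    tampered = [dict(m) for m in history]
    tampered[0]["text"] = "altered text"
    return {"latest_only": validate_latest_only("conv-A", tampered),
            "full_history": validate_full_history("conv-A", tampered),
            "wrong_conversation": validate_full_history("conv-B", history)}
```

The latest-only check accepts the altered history, while the full-history check rejects both the altered message and a valid history replayed under a different conversation ID.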
Pen Test Partners seem to be the first to have discovered these vulnerabilities: “No attempt was made to access other users’ conversations or personal data”, the researchers explained. “But the same design weaknesses could become far more serious as chatbot functionality expands”.
Eurostar emphasized customer data was never at risk, telling City AM: “The chatbot did not have access to other systems and more importantly no sensitive customer data was at risk. All data is protected by a customer login.”
Many businesses are rushing to deploy AI tools. However, rapid enterprise adoption is significantly expanding cloud attack surfaces and putting businesses at more risk than ever before.
Sead Fadilpašić
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.