ADVERTISEMENT

Eurostar AI chatbot flaws exposed after “painful” disclosure process

A series of vulnerabilities in Eurostar’s AI-powered customer support chatbot have been uncovered, raising questions about both the security of customer-facing bots as well as how pentest reports are handled.

Eurostar

Image from Shutterstock

Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Dec 22, 2025 Updated: 23 December 2025 3 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.

A chatbot built for general queries

How the vulnerabilities worked

“The server only verified the signature on the latest message. It never re-validated or re-signed the rest of the history. Any older message in the array, even one that had previously failed the guard, would be accepted as-is and passed into the model as trusted context,”
Ross Donald, Pen Test Partners
ADVERTISEMENT

Disclosure process: “slow and painful”

Issues resolved

“Eurostar takes cyber security very seriously. The customer-facing AI chatbot referenced is an experimental service and does not provide access to internal systems or sensitive customer data. Any issues identified during early testing were addressed promptly, and we continue to monitor and strengthen our security controls.”
Eurostar

ADVERTISEMENT