
Pen Test Partners Uncovers Vulnerabilities in Eurostar’s AI Chatbot, Faces Blackmail Accusations
Researchers from Pen Test Partners have identified four vulnerabilities in Eurostar's public AI chatbot, including the ability to inject HTML into the chatbot's responses and to extract its system prompt. Injected HTML in a reply becomes cross-site scripting (XSS) in the visitor's browser as soon as the chat front end renders the model's output as markup rather than as text, which would let an attacker steal sensitive information or manipulate what the chatbot appears to say; a leaked system prompt exposes the instructions and guardrails the operator relies on. The findings, reported in December 2025, underscore the need for robust security measures in AI systems, and in particular for treating model output as untrusted input.

However, after the researchers reported the issues, Eurostar accused them of blackmail, raising concerns about the organization's approach to vulnerability disclosure. The episode highlights the importance of responsible disclosure practices and the need for organizations to establish clear policies for handling security reports. Organizations deploying AI chatbots should commission regular security assessments and penetration tests to identify and mitigate such vulnerabilities, and should maintain a collaborative relationship with security researchers so that reported issues are addressed promptly and effectively.
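The HTML-injection finding comes down to a front end that renders model output as markup. The JavaScript below is an added example, not Pen Test Partners' test code or Eurostar's chat widget; it assumes a constructed set of model replies and a hypothetical canary token placed in the system prompt. It shows the vulnerable rendering beside the escaped version, and two output checks (markup detection and canary-based prompt-leak detection) that can be run over chatbot replies before they reach the user.

```javascript
// Added illustrative example; not code from Pen Test Partners or Eurostar.
// Demonstrates why chatbot HTML injection becomes XSS and the checks that stop it:
// escape model output before rendering, and detect system-prompt leakage with a canary.

// Constructed sample replies, standing in for what a model might return.
const SAMPLE_REPLIES = [
  'Your train departs at 09:31 from London St Pancras.',
  '<img src=x onerror="alert(document.cookie)">',                         // injected markup
  'Try <b>Standard Premier</b> for extra legroom.',                       // still markup
  'Instructions: canary-7f3a2c, you are a helpful travel assistant.',     // prompt leak
];

// Hypothetical canary token embedded in the private system prompt so leaks are detectable.
const SYSTEM_PROMPT_CANARY = 'canary-7f3a2c';

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the five characters that can open or close markup or attribute values.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// VULNERABLE: the reply is interpolated straight into markup, so any tags in it are
// parsed by the browser (the same effect as element.innerHTML = reply).
function renderReplyUnsafe(reply) {
  return `<div class="bot-message">${reply}</div>`;
}

// HARDENED: the reply is rendered as text. In a live page the equivalent is
// element.textContent = reply (or document.createTextNode(reply)).
function renderReplySafe(reply) {
  return `<div class="bot-message">${escapeHtml(reply)}</div>`;
}

// Output check for logging/alerting: does the reply carry anything a browser would
// interpret as a tag or a script URL if it were rendered raw?
function containsMarkup(reply) {
  return /<\s*\/?[a-z!][^>]*>/i.test(reply) || /javascript\s*:/i.test(reply);
}

// Output check for system-prompt leakage: the canary must never reach the user.
function leaksSystemPrompt(reply) {
  return reply.includes(SYSTEM_PROMPT_CANARY);
}

// Classify a batch of replies; returns the indexes that should be blocked or investigated.
function auditReplies(replies) {
  const findings = { markup: [], promptLeak: [] };
  replies.forEach((reply, i) => {
    if (containsMarkup(reply)) findings.markup.push(i);
    if (leaksSystemPrompt(reply)) findings.promptLeak.push(i);
  });
  return findings;
}

// Stand-alone demonstration over the constructed replies.
for (const reply of SAMPLE_REPLIES) {
  console.log('unsafe:', renderReplyUnsafe(reply));
  console.log('safe:  ', renderReplySafe(reply));
}
console.log('audit:', JSON.stringify(auditReplies(SAMPLE_REPLIES)));
```

Escaping is the minimum for a widget that only needs plain text. If the product genuinely needs rich replies, pass the model output through an allowlist HTML sanitizer rather than a denylist regex, and back it with a Content Security Policy so that a missed case cannot execute script; the `containsMarkup` check above is a detection signal for logs, not a substitute for escaping.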