Friday, November 15, 2024
HomeCyber security CourseAmtrak Data Breach: Hackers Accessed User's Email Address

Amtrak Data Breach: Hackers Accessed User’s Email Address

Published on

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards accounts.

The breach between May 15, 2024, and May 18, 2024, allowed unauthorized parties to access users’ accounts.

The company believes the hackers obtained login credentials from third-party sources rather than Amtrak’s systems.

- Advertisement - SIEM as a Service

This incident has raised customers’ concerns about the security of their personal information and the potential for identity theft.

What Information Was Compromised?

During the breach, the unauthorized party changed the affected accounts’ email addresses and accessed sensitive information.

Scan Your Business Email Inbox to Find Advanced Email Threats - Try AI-Powered Free Threat Scan

This included users’ names, contact information, Amtrak Guest Rewards account numbers, dates of birth, partial payment details (such as credit card numbers and expiration dates), gift card information (including card numbers and PINs), and details about their transactions and trips with Amtrak.

The extent of the accessed information has heightened the urgency for affected users to take immediate protective measures.

Amtrak’s Response and Recommendations

Upon discovering the breach on May 15, 2024, Amtrak promptly initiated an investigation and took steps to secure the compromised accounts.

The company reverted the email addresses to the original users and reset the account passwords.

Additionally, Amtrak has enabled multifactor authentication (MFA) for all Amtrak Guest Rewards accounts to enhance security.

Users must now enter a validation code via email or text to complete their login process.

Amtrak has advised affected customers to change their login credentials, not only for their Amtrak accounts but also for any other online accounts that may use similar usernames and passwords.

The company also recommends reviewing these accounts for any suspicious activity.

Furthermore, Amtrak has provided a comprehensive Reference Guide with steps to protect personal information, including ordering free credit reports, placing fraud alerts, and considering security freezes on credit files.

Steps for Affected Users

Amtrak’s Reference Guide outlines several critical steps for users to safeguard their information and mitigate identity theft risk.

Affected individuals are encouraged to:

  1. Order Free Credit Reports: Under U.S. law, individuals are entitled to one free credit report annually from the three nationwide consumer reporting agencies. Reviewing these reports can help identify any unauthorized accounts or inaccuracies.
  2. Place Fraud Alerts: A fraud alert notifies potential creditors to take extra steps to verify the identity of anyone applying for credit in the user’s name, thereby helping to prevent identity theft.
  3. Consider Security Freezes: A security freeze restricts access to the user’s credit file, making it more difficult for identity thieves to open new accounts. Users must place a freeze with each consumer reporting agency individually.
  4. Report Incidents: Any detected fraud or identity theft incidents should be reported to law enforcement, the Federal Trade Commission (FTC), and the user’s state Attorney General. The FTC provides resources and guidance on how to recover from identity theft.

The Amtrak data breach has underscored the importance of robust cybersecurity measures and the need for individuals to remain vigilant in protecting their personal information.

While Amtrak has taken steps to secure affected accounts and prevent future breaches, users are also responsible for following the recommended actions to safeguard their identities.

As cyber threats evolve, companies and consumers must proactively combat data breaches and protect sensitive information.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Critical TP-Link DHCP Vulnerability Let Attackers Execute Arbitrary Code Remotely

A critical security flaw has been uncovered in certain TP-Link routers, potentially allowing malicious...

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...