Cyber Security News

Amtrak Data Breach: Hackers Accessed User’s Email Address

Amtrak notified its customers regarding a significant security breach involving its Amtrak Guest Rewards accounts.

The breach between May 15, 2024, and May 18, 2024, allowed unauthorized parties to access users’ accounts.

The company believes the hackers obtained login credentials from third-party sources rather than Amtrak’s systems.

This incident has raised customers’ concerns about the security of their personal information and the potential for identity theft.

What Information Was Compromised?

During the breach, the unauthorized party changed the affected accounts’ email addresses and accessed sensitive information.

Scan Your Business Email Inbox to Find Advanced Email Threats - Try AI-Powered Free Threat Scan

This included users’ names, contact information, Amtrak Guest Rewards account numbers, dates of birth, partial payment details (such as credit card numbers and expiration dates), gift card information (including card numbers and PINs), and details about their transactions and trips with Amtrak.

The extent of the accessed information has heightened the urgency for affected users to take immediate protective measures.

Amtrak’s Response and Recommendations

Upon discovering the breach on May 15, 2024, Amtrak promptly initiated an investigation and took steps to secure the compromised accounts.

The company reverted the email addresses to the original users and reset the account passwords.

Additionally, Amtrak has enabled multifactor authentication (MFA) for all Amtrak Guest Rewards accounts to enhance security.

Users must now enter a validation code via email or text to complete their login process.

Amtrak has advised affected customers to change their login credentials, not only for their Amtrak accounts but also for any other online accounts that may use similar usernames and passwords.

The company also recommends reviewing these accounts for any suspicious activity.

Furthermore, Amtrak has provided a comprehensive Reference Guide with steps to protect personal information, including ordering free credit reports, placing fraud alerts, and considering security freezes on credit files.

Steps for Affected Users

Amtrak’s Reference Guide outlines several critical steps for users to safeguard their information and mitigate identity theft risk.

Affected individuals are encouraged to:

  1. Order Free Credit Reports: Under U.S. law, individuals are entitled to one free credit report annually from the three nationwide consumer reporting agencies. Reviewing these reports can help identify any unauthorized accounts or inaccuracies.
  2. Place Fraud Alerts: A fraud alert notifies potential creditors to take extra steps to verify the identity of anyone applying for credit in the user’s name, thereby helping to prevent identity theft.
  3. Consider Security Freezes: A security freeze restricts access to the user’s credit file, making it more difficult for identity thieves to open new accounts. Users must place a freeze with each consumer reporting agency individually.
  4. Report Incidents: Any detected fraud or identity theft incidents should be reported to law enforcement, the Federal Trade Commission (FTC), and the user’s state Attorney General. The FTC provides resources and guidance on how to recover from identity theft.

The Amtrak data breach has underscored the importance of robust cybersecurity measures and the need for individuals to remain vigilant in protecting their personal information.

While Amtrak has taken steps to secure affected accounts and prevent future breaches, users are also responsible for following the recommended actions to safeguard their identities.

As cyber threats evolve, companies and consumers must proactively combat data breaches and protect sensitive information.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,' who claims to have compromised the…

2 days ago

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users, leading to widespread reports of Blue…

2 days ago

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have drained billions from victims' wallets. This…

2 days ago

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which link to a variety of systems…

3 days ago

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and often have extensive community support, making…

3 days ago

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are largely employed for communication and collaboration,…

3 days ago