Amtrak Guest Rewards Breach Affects Personal Info
Amtrak, also known as the National Railroad Passenger Corporation, has disclosed it suffered from a cyberattack in which customer data was stolen by unauthorized access to information by a third party. Personal information and log-ins may have been stolen after the attack, which targeted Amtrak customers’ rewards accounts. The state-backed US transport provider revealed the news with a regulatory filing through the Office of the Vermont Attorney General.
Amtrak stressed that no financial data, payment card information, or Social Security numbers were compromised in the cyberattack. Amtrak stated that they detected suspicious third-party activity on internal servers on the evening of April 16, subsequently terminating the unauthorized access within a few hours. Amtrak also worked with affected customers on password resets as well as further measures to contain the incident.