Amtrak suffers data breach; passenger information leaked

Executives from Amtrak (the trade name of National Railroad Passenger Corporation) have disclosed that their systems were affected by a data breach, resulting in the exposure of users’ personal information. According to cyber security awareness experts, an unidentified third party managed to fraudulently access some Amtrak Guest Rewards member program accounts.

The affected accounts are part of a rewards program that allows users to earn points when traveling with Amtrak; these points can be exchanged for discounts at hotels and some retailers, or used to purchase gift cards.

According to cyber security awareness experts, the attackers may have entered the affected accounts using access credentials exposed in incidents unrelated to the train company, or through brute-force attacks.

While the company noted that some personal data was exposed, it has not specified exactly what information was compromised. However, the company stressed that confidential and highly sensitive data (such as Social Security numbers or financial data) were not involved in the incident. The company also mentioned that users whose Amtrak Guest Rewards accounts were compromised have been notified about a password reset as part of the security measures implemented.

IT infrastructure managers at Amtrak say that unauthorized access was revoked immediately after anomalous behavior was detected in their systems: “We are addressing this incident with absolute seriousness, and we are taking the necessary steps to prevent these kinds of leaks from happening again.”

Federal authorities are in charge of the investigation, in conjunction with a group of cyber security awareness experts, who will also assist in implementing better security policies at Amtrak. So far there is no evidence that the exposed information has been used by any group of threat actors (in phishing campaigns, for example); Amtrak offered those affected a free year of electronic fraud protection as part of its security incident response process.

Cybersecurity incidents affecting travel and hospitality companies and organizations have increased recently. Last March, the Marriott hotel group revealed an incident that may have exposed up to 5.2 million customer records, so the industry has tried to implement incremental improvements to protect customer information.
