Cybernews, 6/18/24
Amtrak discloses data breach, users urged to reset passwords
US passenger railroad service Amtrak, which operates intercity rail services in nearly all states, has started informing some customers of a data breach.
“We recently learned that an unauthorized party may have used your login credentials to gain access to your Amtrak Guest Rewards account,” the company said.
The unusual activity was observed between May 15th, 2024, and May 18th, 2024. Amtrak insists that login credentials were likely obtained from third-party sources rather than Amtrak’s systems.
The data breach notification letter to the authorities in Massachusetts doesn’t disclose how many customers might have been affected by the security incident.