Amtrak data breach exposed information of 2.1 million accounts

📅 17 April 2026 at 12:37 UTC📰 Cyber InsiderView original source ↗

Amtrak is the latest organization to have a major dataset added to the Have I Been Pwned (HIBP) database, following claims by the ShinyHunters hacking group that it breached the US passenger rail service and exfiltrated millions of customer records. The development comes days after ShinyHunters publicly alleged they had compromised Amtrak’s systems, stating that … The post Amtrak data breach exposed information of 2.1 million accounts appeared first on CyberInsider.

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

ShinyHunters claimed to have breached Amtrak's systems, exfiltrating millions of customer records including approximately 2.1 million unique email addresses, names, physical addresses, and customer support ticket records. The breach is likely related to misconfigurations or stolen credentials, with the data being published on a public leak site.

⚙️Technical Details

Affected Systems

Salesforce instances

Attack Vectors

misconfigurations, stolen credentials, third-party integrations

💥Impact Assessment

Severity: high

Who Is at Risk

Amtrak customers with email addresses in the leaked dataset

🛡️Recommended Actions

1Monitor unsolicited communications referencing travel details or customer support interactions

2Avoid clicking links or downloading attachments from unknown sources

3Implement additional security measures to prevent similar breaches in the future

📦Affected Products

Salesforce instances

Read the full article

This is a curated summary. The complete article is available at Cyber Insider.

Read on Cyber Insider ↗

← Back to feed