On November 4, 2020, the California Office of the Attorney General reported a data breach by Amtrak, which involved unauthorized access to certain Amtrak Guest Rewards accounts on July 24, 2020. Compromised information included usernames and passwords, though financial data and Social Security numbers were not affected. The stolen data potentially prompted Amtrak to reset passwords and enhance security measures.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-195848
TPRM report: https://www.rankiteo.com/company/amtrak
"id": "amt705072825",
"linkid": "amtrak",
"type": "Breach",
"date": "7/2020",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Transportation',
'location': 'United States',
'name': 'Amtrak',
'type': 'Organization'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'type_of_data_compromised': ['usernames', 'passwords']},
'date_detected': '2020-07-24',
'date_publicly_disclosed': '2020-11-04',
'description': 'Unauthorized access to certain Amtrak Guest Rewards accounts '
'resulting in compromised usernames and passwords.',
'impact': {'data_compromised': ['usernames', 'passwords']},
'references': [{'date_accessed': '2020-11-04',
'source': 'California Office of the Attorney General'}],
'response': {'remediation_measures': ['Password Reset',
'Enhanced Security Measures']},
'title': 'Amtrak Data Breach',
'type': 'Data Breach'}