Amtrak

The National Railroad Passenger Corporation (Amtrak) fell for a data breach that led to the exposure of the personal information of some Guest Rewards members.

Amtrak, a high-speed intercity passenger rail provider, and an independent US government agency operate a nationwide rail network in 46 states, the District of Columbia, and three Canadian provinces, with 30 million customers during the last nine years.

On April 16, 2020, an unknown third party gained unauthorized access to certain Amtrak Guest Rewards accounts.

Compromised usernames and passwords were used to access certain accounts and some personal information had been viewed.

Source: https://www.bleepingcomputer.com/news/security/amtrak-resets-user-passwords-after-guest-rewards-data-breach/

"id": "AMT244123",
"linkid": "amtrak",
"type": "Data Leak",
"date": "04/2020",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"