A cyber attack on a large industry can throw anyone off the rails. Especially if you are a railroad and transport company…


Amtrak Cyber Security Derailed

Cyber criminals are at it once again with attacks during COVID-19. So far, the medical, automobile and beauty industries faced many attacks from hackers. Now, said criminals are transitioning back to transportation, but this time, they are attacking Amtrak.

Amtrak is a railroad company that, “ provides medium and long-distance intercity service in the contiguous United States and to nine Canadian cities.”

This mode of transportation is widely utilized by hundreds of thousands of passengers each year. So, when they announced that the Amtrak guest Rewards accounts faced an attack, many customers became concerned. 

Last week, Amtrak released the notice of the data breach to customers and the Attorney General’s Office of Vermont. To read the entire letter, click here. Further, key points of the letter will appear below. 


The Notice of the Breach

To begin, Amtrak opens with an acknowledgement of the breach and recognition that the recipient of the letter is in possession of a breached account. 


On behalf of Amtrak, I am writing to inform you about a recent incident that potentially affected some of your personal information. Amtrak promptly fixed the issue and is cooperating with federal law enforcement. 

On the evening of April 16, 2020, Amtrak determined that an unknown third party gained unauthorized access to certain Amtrak Guest Rewards accounts. This messages indicates your account may be one of the affected in the attack.


Following the recognition of the incident, Amtrak states what information may be at risk. While the access is minimal, it is still troublesome. 


We made the determination that compromised usernames and passwords may be involved in accessing certain accounts. No financial data, credit card information or Social Security numbers were among accessed data. 


Continuing on from the breached information, the company states what they are doing now to remedy the issue.


Amtrak takes this matter very seriously and is taking steps to help prevent incidents like this from happening again. After detecting suspicious activity, our security team immediately investigated the issue and terminated the unauthorized access within a few hours. 

We also reset the passwords for potentially affected accounts. Amtrak engaged outside cyber security experts to confirm that the incident undergo containment and implement additional safeguards to protect customers. 


Next Steps

Further, the rest of the notices goes on to state what customers can do to protect themselves from any more possible damage. The options presented by Amtrak include various forms of credit and identity monitoring. 

Also, the company offers information sources and contact numbers for various people and organizations to help with recovery.

All in all, this transport company has a long recovery journey ahead, just like the many other large companies hit by a cyber attack. 

What industry will face the next cyber attack? Will attacks decrease as COVID-19 restrictions ease up? Only time will tell. 


By Taylor Ritchey