BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Amtrak Says Guest Rewards Accounts Hacked in Credential Stuffing Attacks

National passenger railroad company Amtrak is notifying customers that hackers have breached their Guest Rewards Accounts.

Amtrak is notifying some customers that their Guest Rewards Accounts have been hacked.

According to a notification letter to the affected individuals, a copy of which was submitted to the state of Massachusetts, no Amtrak systems were compromised in the attacks, as credential stuffing was employed.

As part of such attacks, threat actors leverage username and password combinations obtained from other data breaches, from malware infections, or phishing, in an attempt to gain access to accounts that use the same login credentials.

“We believe that the unauthorized party may have obtained your login credentials from third-party sources. We have no indication that your login credentials were obtained from our systems,” Amtrack says.

The national passenger railroad company says that the attackers started accessing the targeted accounts on May 15, 2024, and that they were evicted on May 18, after the credentials for the compromised accounts were reset.

The attackers, Amtrack says, were seen changing the email addresses for the hacked accounts and accessing profile information, including names, contact details, dates of birth, Amtrak Guest Rewards account numbers, partial credit card numbers and expiration dates, gift card information, and details about transactions and trips.

“Promptly after becoming aware of the issue on May 15, 2024, we began an investigation and took steps to secure your account. We have changed the email address for your Amtrak Guest Rewards account back to your email address and initiated a reset of your account password,” the company says.

Amtrak urges the affected individuals to reset their account passwords and to change the credentials for other online accounts secured with the same or similar usernames and passwords, and to use multi-factor authentication for their Amtrak Guest Rewards accounts.

Advertisement. Scroll to continue reading.

The impacted individuals are also advised to order free credit reports, to review account statements to discover fraud and identity theft and report such incidents, and to consider placing a fraud alert on their credit files.

What Amtrak did not say was how many individuals might have been affected by the incident. SecurityWeek has emailed the company for additional details and will update this article as soon as a reply arrives.

Related: Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

Related: 340,000 Jason’s Deli Customers Potentially Impacted by Credential Stuffing Attack

Related: Over 71k Impacted by Credential Stuffing Attacks on Chick-fil-A Accounts

Related: PayPal Warns Users of Credential Stuffing Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights