Amtrak
HighAmtrak's systems were breached by ShinyHunters, exposing over 2 million customer records.
- Records exposed
- 2,147,679 records
- Breach date
- Breach Apr 3, 2026
- Last update
- Updated Apr 17, 2026
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In April 2026, Amtrak experienced a data breach reportedly orchestrated by the hacking group ShinyHunters. The group, known for compromising Salesforce instances and subsequent ransom demands, released data comprising over 2 million records containing email addresses, names, physical addresses, and support ticket information. This incident highlights the vulnerability of customer relationship management systems and the importance of safeguarding customer data.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Customers are at heightened risk for phishing and identity impersonation.
- Business Impact
- Amtrak faces reputational damage and potential regulatory scrutiny.
- Affected Sectors
- Transportation
- Customer Service
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Monitor accounts for signs of unauthorized activity.
- •Update passwords for accounts associated with breached data.
- •Enable multi-factor authentication where possible.
Preventive Measures
- •Use vendor controls to monitor CRM data access.
- •Implement routine penetration testing.
- •Educate staff on recognizing phishing attempts.
Frequently Asked Questions
Common questions about this breach and what it means for you.