The National Railroad Passenger Corporation (Amtrak) has revealed a breach of data that led to the exposure of personal information of some members of the Guest Rewards.
Amtrak, a provider of high-speed intercity passenger transport and an independent government agency USA, operates a national rail network in 46 states, the District of Columbia and three Canadian provinces, with 30 million customers over the past nine years.
It also has more than 20.000 and operates more than 300 trains every day to more than 500 destinations, with revenues of $ 3,5 billion in 2019.
Restore account passwords
"On the afternoon of 16 April 2020, Amtrak detected that an unknown third party had acquired unauthorized access in some Amtrak Guest Rewards accounts, ”says Vicky Radke, senior manager of Amtrak Guest Rewards.
"We reported that infringed usernames and passwords were used to access specific accounts, and that some personal information may have been displayed."
The company's security team blocked the unauthorized third party from accessing the breached Amtrak Guest Rewards accounts within hours of locating suspicious activity.
Amtrak did not disclose the total number of accounts affected by the breach or their type. personal information which may have been exposed, but restored passwords to all potentially affected Guest Rewards accounts.
The Railway Passenger Service also hired third-party security experts to implement safeguards designed to protect its customers from future efforts. violation and to confirm exactly what happened in the incident.
Customers affected by the Amtrak Guest Rewards data breach were also offered a free annual subscription to Experian's IdentityWorks.