June 19, 2024 at 09:09AM
Amtrak’s Guest Rewards program experienced a three-day security breach, with miscreants accessing user data between May 15-18. The breach potentially compromised email addresses, contact information, payment details, and more. Amtrak is mandating two-factor authentication for affected users and advising them to change their passwords. This is the second breach for the company’s rewards program.
From the meeting notes, the key takeaways are:
1. Amtrak’s Guest Rewards program experienced a security breach, with potential unauthorized access to user data between May 15-18. The attackers sourced valid credentials from third-party sources and accessed various user information, including email addresses, names, contact details, Guest Rewards account numbers, dates of birth, partial credit card details, gift card information, and details about previous Amtrak journeys.
2. As a response, Amtrak is mandating multi-factor authentication (MFA) for affected accounts. However, it’s important to note that the added layer of authentication seems to be more like two-factor authentication (2FA) as it currently involves receiving a validation code via email or text.
3. The breach resulted in Amtrak forcibly enabling 2FA on affected accounts, initiating password resets, and changing email addresses on the accounts, which presumably were altered by the attackers.
4. Affected customers are advised to use unique and strong passwords not easily guessable or utilized for other accounts. They are also encouraged to review their other online accounts for any suspicious activities and consider changing their credentials for accounts with similar usernames and passwords.
5. Amtrak provided detailed guidance in the letter about next steps and offered affected customers one free credit report. Additionally, the company recommended that customers monitor their accounts for fraudulent activity.
6. This is the second breach of Amtrak’s rewards program, with a similar incident occurring in 2020, where personal data was accessed, but no financial data was at risk. In that instance, the company quickly detected and mitigated the breach by blocking attackers and initiating password resets. However, no immediate response was provided to inquiries regarding the number of potentially affected customers during the recent breach.
These takeaways highlight the gravity of the security breach, the steps Amtrak is taking to address the situation, and the recommendations for affected users to safeguard their account information.