NEWNow you can listen to Fox News articles!
Booking a train ticket is usually something that most people don’t think twice about. Now it may come with real privacy risks after a reported data leak tied to Amtrak.
A newly-revealed dataset linked to the company came from Have I Been Pwned, a widely used site that tracks and verifies data breaches, suggesting that customer information is now being streamed online. The company hasn’t confirmed the full scope, but the situation is already drawing attention from security researchers.
For travelers, the biggest problem is not just what has been taken. How that data can be used next.
Sign up for my FREE CyberGuy report
- Get my best tech tips, emergency security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by the millions who watch CyberGuy on TV every day.
- Plus, you’ll get instant access to my Free Scam Survival Guide when you join.
149 MILLION PASSWORDS HACKED IN MAJOR EVIDENCE
The alleged disclosure of Amtrak data may have affected millions of accounts, with researchers warning that the leaked records could fuel phishing attacks. (Pixelfit/Getty Images)
What we know about the Amtrak data breach
The breach was added to Have I Been Pwned on April 17, 2026, after a dataset attributed to Amtrak surfaced online. According to that listing, the dataset includes more than 2.1 million unique accounts.
The disclosed information listed on Have I Been Pwned includes email addresses, names, residential addresses and customer support records.
Various reports suggest the total number of records could be much higher, with some estimates as high as 9.4 million, although that figure has not been confirmed by Amtrak.
Support interactions can reveal travel habits, preferences and past stories. That gives attackers more context to work with.
How the Amtrak data breach happened
A group linked to the attack, ShinyHuntersit has a pattern. They often target cloud-based customer systems, especially platforms like Salesforce.
These systems store large amounts of customer data in one place. That makes them efficient for businesses and valuable to attackers.
Attacks like this often involve exploiting access to cloud-based customer relationship management (CRM) environments rather than breaching internal networks directly.
In most cases, a breach does not require breaking into a company’s internal network. Instead, attackers use weak access controls, misconfigured settings or compromised credentials tied to cloud services.
Once inside, they can extract large data sets quickly and demand payment before releasing the data publicly.
Why the Amtrak data breach is different
Not all data breaches carry the same level of risk. This stands out because of the type of information involved.
Basic contact information is already used for spam. Add a history of customer service, and the situation changes. Attackers can refer to real interactions to make their messages feel legitimate.
You may receive an email about a previous journey, a refund request or a delayed train. It looks normal. That’s what makes it dangerous.
These are sewn phishing attempts They are more convincing than regular scams.
HOW MANUFACTURERS ORDER A PROFILE FROM YOU USING A DATA BROKER
Travelers are being urged to remain vigilant after Amtrak data linked to millions of online accounts was exposed. (martin-dm/Getty Images)
What the Amtrak data breach means for you
If your data is part of this breach, the risk is not the person accessing your account. The biggest concern is impersonation.
Attackers can use your information to quickly build trust. They may pose as Amtrak support, a travel partner or even a financial institution tied to the reservation.
That increases the chance that you’ll click a link, share more information or approve a transaction without realizing what’s happening.
Even if you’ve never had a problem before, this type of exposure changes your risk profile.
We reached out to Amtrak for comment, but did not hear back before our deadline.
Why do companies continue to face this problem?
This breach highlights a major problem with how companies handle data today. Many rely heavily on cloud platforms to store and organize customer information. These tools are effective, but they also centralize risk.
A single misconfiguration or compromised login can open the door to millions of records.
As more businesses move to software-as-a-service (SaaS) platforms, attackers are following. The pattern is becoming more common, not less.
How to check if your passwords have been stolen
To see if your email has been affected, visit I would have been arrested haveibeenpwned.com. It is the first and official source of this new additional dataset.
- Enter your email address to find out if your information appears in the leak.
- When you’re done, come back here with step 1 below.
INSURANCE DATA BREACH RIPPED 1.6 BILLION PEOPLE’S HEARING INFORMATION
Customer information linked to Amtrak has reportedly surfaced online, revealing contact information and support records that could be used in fraud schemes. (Stock)
Ways to stay safe after a data breach
If your data could be part of this breach, a few smart moves now can reduce your risk and help you stay ahead of the scams that often follow.
1) Use strong, unique passwords for every account
If you reuse passwords, this is the time to change them. One leaked password can open multiple accounts. Use a password manager to generate and store complex passwords so you don’t rely on memory or repeating the same login. Start with your email account first, as it can be used to reset passwords for many of your other accounts. Check out the best password managers reviewed in 2026 on CyberGuy.com.
2) Turn on two-factor authentication
Two-factor authentication (2FA) adds a second layer of protection. Even if someone gets your password, you still need the code from your phone or app. Focus on email, bank and travel accounts first as those are common targets after a breach.
3) Watch for highly targeted phishing attempts
Be very careful with emails or messages that refer to previous trips or support requests. That level of detail can make scams feel real. Avoid clicking on links or downloading attachments unless you are sure of the source. If in doubt, go directly to the company’s official website.
4) Monitor your financial activity and account
Check your bank accounts and credit cards regularly for unusual charges. Look for login warnings or password reset notifications you didn’t request. The sooner you grasp something, the easier it is to contain.
5) Use strong antivirus software on your devices
Solid antivirus software does more than scan for viruses. It can block malicious links, detect suspicious downloads and stop phishing attempts before they reach you. Keeping your devices secure adds a critical layer between you and attackers trying to exploit stolen data. Find my picks for the best antivirus 2026 winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.
6) Delete your personal data from merchant sites
Data brokers collect and sell your personal information, increasing your exposure after a breach. A data removal service can help limit how much of your information is distributed online and make it harder for fraudsters to build detailed profiles about you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out there on the web by visiting CyberGuy.com.
Get a free scan to find out if your personal information is already out there on the web: CyberGuy.com/FreeScan
7) Use identity monitoring for early warnings
An identity monitoring service can track your personal information across websites and alert you to suspicious activity. That includes new accounts opened in your name or signs that your data is being misused. See my tips and top picks for Best Identity Theft Protection at CyberGuy.com
8) Freeze your credit for extra protection
A credit freeze prevents anyone from opening new accounts in your name without your permission. It is one of the most effective ways to stop identity theft after a breach. You can freeze for free at the credit bureaus and raise it whenever needed.
Kurt’s priority is taking
A breach of the Amtrak deal is still possible, and key details remain unclear. What is clear is where this attack is headed. They are becoming more targeted, personal and harder to see. For consumers, that means staying alert even when something seems out of the ordinary. For companies, it means tightening controls around systems that hold highly sensitive data. You don’t need to panic, but you do need to be careful.
With breaches like this happening so often, are companies doing enough to protect your personal information? Let us know by writing to us at CyberGuy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS PROGRAM
Sign up for my FREE CyberGuy report
- Get my best tech tips, emergency security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by the millions who watch CyberGuy on TV every day.
- Plus, you’ll get instant access to my Free Scam Survival Guide when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
