THREATOPS
THREAT OPSThreat News › [Breach] Amtrak — 2,147,679 accounts exposed

[Breach] Amtrak — 2,147,679 accounts exposed

lowhibp_breachesPublished 2026-04-03

Breached service: Amtrak Domain: amtrak.com Accounts exposed: 2,147,679 Breach date: 2026-04-03 Added to HIBP: 2026-04-17T04:54:48Z Data classes leaked: Email addresses, Names, Physical addresses, Support tickets Description: In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://haveibeenpwned.com/PwnedWebsites#Amtrak