THREAT OPS › Threat News › [Breach] Amtrak — 2,147,679 accounts exposed
[Breach] Amtrak — 2,147,679 accounts exposed
Breached service: Amtrak Domain: amtrak.com Accounts exposed: 2,147,679 Breach date: 2026-04-03 Added to HIBP: 2026-04-17T04:54:48Z Data classes leaked: Email addresses, Names, Physical addresses, Support tickets Description: In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom
MITRE ATT&CK techniques
- Email AddressesT1589.002
Indicators of compromise
- amtrak.comdomain
Original source: https://haveibeenpwned.com/PwnedWebsites#Amtrak