Amtrak Data Breach: Expert Commentary

Amtrak, the public transportation unit, announced that it suffered a data breach of its Guest Rewards program and has reset user passwords in response. The breach exposed consumers' personal information.

Experts Comments

June 03, 2020
Jason Kent
Hacker in Residence
Cequence Security
We've watched credential stuffing attacks escalate over the past few months, and sympathize with the impacted organizations who have to work to respond and reposition their platforms as 'secure and private.' While end-users certainly have a role to play in securing their accounts with strong passwords and multi-factor authentication, we believe that organizations also need to take a close look at the risk profile of their APIs to ensure that they are not an easy and attractive target for hackers. These API-centric attacks will only continue to escalate as long as insecure endpoints are easily discovered, analyzed, and abused.
June 03, 2020
Sam Curry
Chief Security Officer
Cybereason
In the old days we used to say that “loose lips sink ships,” but in this day and age “a loose click kills quick” - and while details regarding Amtrak's reported breach are still being made public, only time will tell how many passengers are impacted by having their PII stolen. Amtrak is undoubtedly suffering in the current COVID-19 pandemic from a near halt of business and personal travel across the U.S. and this particular breach, while extremely painful for the company and its impacted customers, will strengthen Amtrak's resolve and help them improve their security defences. From what I am reading, Amtrak has been proactive in its notification approach. Perhaps the negative headlines and fallout from this newest breach disclosure will also be a wake up call to other track operators and the entire rail system in this country to assess their current security hygiene and to make sure their security analysts have the tools to identify malicious and abnormal looking behaviour immediately, giving them a chance to assess risk and then remediate any incidents. My advice to Amtrak's passengers is to pay close attention to their rewards statements, to monitor activity on a regular basis and if anything looks suspicious and out of the ordinary to call either their credit card company or Amtrak. And update their passwords regularly and never, ever use combinations such as '123456', 'password' or other common combinations.
June 02, 2020
Robert Prigge
CEO
Jumio
Amtrak's breached Guest Rewards usernames and passwords have already been used by fraudsters to access accounts and view personal information. It's clear these traditional authentication methods can't be trusted to keep accounts secure, as cybercriminals can easily log in with stolen passwords, and there's no way to confirm the legitimate user is the one accessing the account. Amtrak's response to reset passwords and provide complimentary identity theft protection services is simply not enough to keep their 30 million user accounts safe. Fraudsters can easily use the original password to access other user accounts, including banking, insurance, social media and more, where they can transfer funds, change passwords to lock the real user out and even use found personal information to commit identity theft. As train and air travel will likely increase when COVID-19 restrictions are lifted, the travel industry is a growing target for fraud. It's time for travel organizations to adopt stronger forms of authentication to keep their customer accounts secure. Biometric authentication (leveraging a user’s unique biological traits to verify identity) ensures only authorized users can access accounts.