ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Amtrak Data Breach

amtrak.com
Significant exposure
Verified breach
Accounts exposed 2,147,679
Breach date 03 Apr 2026
Added to tracker 17 Apr 2026
Data classes 4

What happened

In April 2026, the hacking group ShinyHunters claimed they had breached Amtrak. The group typically compromises organisations' Salesforce instances before demanding a ransom and later, if not paid, dumping the data publicly. They subsequently published the alleged data which contained over 2M unique email addresses along with names, physical addresses and customer support records.

Exposed data

Email addresses Names Physical addresses Support tickets

Recommended actions

  • Watch for targeted phishing emails referencing Amtrak โ€” attackers weaponise breach data quickly.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP