Amtrak Data Breach: Expert Commentary

Amtrak, the public transportation unit, announced that it suffered a data breach causing Amtrak resets user passwords after Guest Rewards data breach. The data obtained from this breach consumer’s personal information.


EXPERTS COMMENTS
Sam Curry, Chief Security Officer,  Cybereason
June 03, 2020
From what I am reading, Amtrak has been proactive in its notification approach.
In the old days we used to say that “loose lips sink ships,” but in this day and age “a loose click kills quick” - and while details regarding Amtrak's reported breach are still being made public, only time will tell how many passengers are impacted by having their PII stolen. Amtrak is undoubtedly suffering in the current COVID-19 pandemic from a near halt of business and personal travel ....
[Read More >>]
Jason Kent, Hacker in Residence,  Cequence Security
June 03, 2020
These API-centric attacks will only continue to escalate as long as insecure endpoints are easily discovered, analyzed, and abused.
We've watched credential stuffing attacks escalate over the past few months, and sympathize with the impacted organizations who have to work to respond and reposition their platforms as 'secure and private.' While end-users certainly have a role to play in securing their accounts with strong passwords and multi-factor authentication, we believe that organizations also need to take a close look at ....
[Read More >>]
Robert Prigge, CEO,  Jumio
June 02, 2020
Biometric authentication (leveraging a user’s unique biological traits to verify identity) ensures only authorized users can access accounts.
Amtrak's breached Guest Rewards usernames and passwords have already been used by fraudsters to access accounts and view personal information. It's clear these traditional authentication methods can't be trusted to keep accounts secure, as cybercriminals can easily log in with stolen passwords, and there's no way to confirm the legitimate user is the one accessing the account. Amtrak's response to ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article