Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Amtrak

Amtrak Vendor Cyber Rating & Cyber Score

amtrak.com

Moving America Where it wants to go. We are not just a railroad; we are a company that moves people. With 21,000 route miles in 46 states, the District of Columbia and three Canadian provinces, Amtrak operates more than 300 trains each day – at speeds up to 150 mph – to more than 500 destinations. We move customers where they want to go by responding to their wants and needs. And by doing so, we connect communities, economies and families that make our nation great. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the Unites States. Our mission is to provide safe transportation in the most efficient way possible, while ensuring that our customers get a consistent, high quality


Amtrak A.I CyberSecurity Scoring

Amtrak
Company Information
Website:http://www.amtrak.com
Employees number:13,811
Number of followers:194,095
NAICS:482
Industry Type:Rail Transportation
Homepage:amtrak.com
Amtrak Risk Score (AI oriented)
Between 650 and 699
logo
AmtrakRail Transportation
Updated:
17/04/2026
668/1000
Weak
B
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Amtrak Global Score (TPRM)
xxxx
logo
AmtrakRail Transportation
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Amtrak
AmtrakWeak
Current Score
668B (WEAK)
01000
4 incidents
-95 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
577Before Incident
JUNE 2026
576Before Incident
MAY 2026
569Before Incident
APRIL 2026
747Before Incident
Breach
01 Apr 2026Amtrak
Amtrak: Have I Been Pwned’s Post

Amtrak Data Breach Exposes Over 2 Million Email Addresses in ShinyHunters Attack

667After Incident
CRITICAL-80
AMT1776407118
Amtrak Data Breach Exposes Over 2 Million Email Addresses in ShinyHunters Attack Earlier this month, U.S. rail operator Amtrak fell victim to a data breach attributed to the cybercriminal group ShinyHunters, with the compromised data surfacing this week. The exposed dataset includes over 2 million email addresses, along with names, physical addresses, and customer support ticket details. Approximately 80% of the leaked email addresses were already indexed in LinkedIn’s database, suggesting prior exposure in other breaches. The incident highlights the risks of overlapping personal data across platforms, as threat actors increasingly exploit aggregated information for targeted attacks. ShinyHunters, known for large-scale data theft and leaks, has previously targeted organizations across sectors, selling or distributing stolen records on underground forums. The breach underscores the persistent threat posed by cybercriminal groups specializing in credential harvesting and identity-related fraud. No official statement from Amtrak regarding the breach’s impact or mitigation efforts has been released at this time. The incident adds to a growing list of high-profile breaches in 2024, reinforcing concerns over data security in critical infrastructure and service providers.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Credential harvesting and identity-related fraud
IMPACT
Data Compromised: Over 2 million email addresses, names, physical addresses, and customer support ticket detailsIdentity Theft Risk: High
DATA BREACH
Email addressesNamesPhysical addressesCustomer support ticket detailsNumber Of Records Exposed: Over 2 millionSensitivity Of Data: HighPersonally Identifiable Information: Yes
MARCH 2026
747Before Incident
FEBRUARY 2026
746Before Incident
JANUARY 2026
745Before Incident
DECEMBER 2025
743Before Incident
NOVEMBER 2025
744Before Incident
Breach
28 Nov 2025Amtrak
23andMe Nets Approval for Bankruptcy Plan With Data Breach Deals

23andMe Data Breach and Bankruptcy Settlement

634After Incident
CRITICAL-110
23A1764346412
Fallen DNA testing firm 23andMe won court approval of a bankruptcy plan that includes settlements to provide up to $62 million to resolve thousands of data breach claims. Judge Brian C. Walsh of the US Bankruptcy Court for the Eastern District of Missouri approved the plan in a Wednesday order, overruling most creditor objections and challenges from data breach victims. Many of those former customers’ objections were deemed moot or premature, and several of them didn’t appear at a court hearing on the plan. Objections from the Justice Department’s bankruptcy watchdog and a coalition of state attorneys general were resolved ...
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Financial Loss: $62 million (settlement amount)
DATA BREACH
Type Of Data Compromised: Customer Data (likely including genetic and personally identifiable information)Sensitivity Of Data: High (genetic and personal data)
OCTOBER 2025
743Before Incident
SEPTEMBER 2025
743Before Incident
AUGUST 2025
742Before Incident
JULY 2020
726Before Incident
Breach
24 Jul 2020Amtrak
National Railroad Corporation (Amtrak)

Amtrak Data Breach

653After Incident
MEDIUM-73
AMT653080525
The Maine Office of the Attorney General reported a data breach involving the National Railroad Corporation (Amtrak) on November 4, 2020. The breach, which occurred on July 24, 2020, involved an external system breach (hacking) affecting a total of 49,289 individuals, of which 214 were Maine residents. Amtrak offered 12 months of identity theft protection services through Experian to affected individuals.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal InformationIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Personal InformationSensitivity Of Data: High
APRIL 2020
780Before Incident
Breach
16 Apr 2020Amtrak
Amtrak

Amtrak Data Breach

722After Incident
LOW-58
AMT329072625
The California Office of the Attorney General reported a data breach involving Amtrak on May 28, 2020. The breach occurred on April 16, 2020, and unauthorized access was gained to Amtrak Guest Rewards accounts, potentially exposing usernames and passwords, but not financial data, credit card information, or Social Security numbers. The number of individuals affected is currently unknown.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
usernamespasswords
DATA BREACH
usernamespasswords

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Amtrak ?
?
What was Amtrak's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Amtrak's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Amtrak's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Amtrak ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Amtrak's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?