National Railroad Passenger Corporation (Amtrak) in the United States is the victim of a ransomware claim attributed to the threat actor ShinyHunters, with over 9.4 million Salesforce records containing PII and other internal corporate data reportedly compromised. The attackers demand payment or leak and issue a final warning to contact them by 14 April 2026 to prevent leakage and the digital problems they threaten. #UnitedStates
Incident Details
- Victim: National Railroad Passenger Corporation (amtrak.com)
- Sector: Transportation/Logistics
- Country: US
- Actor: shinyhunters
- Source:
- Discovered: 2026-04-12 02:09:39.130840
- Published: 2026-04-11 11:10:00.000000
Information
- National Railroad Passenger Corporation (amtrak.com) β United States
- Actor: shinyhunters
- Over 9.4M Salesforce records containing PII and other internal corporate data have been compromised
- Demand: Pay or leak
- Final warning: contact by 14 Apr 2026 or data will be leaked and additional digital disruptions will follow
- Message: βMake the right decision, donβt be the next headline.β
- Updated: 11 Apr 2026 β Warning: FINAL WARNING PAY OR LEAK
Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.