Booking a train ticket is usually something most people don’t think twice about. Now it could come with real privacy risks after a reported data exposure tied to Amtrak.

A newly surfaced dataset linked to the company has appeared on Have I Been Pwned, a widely used site that tracks and verifies data breaches, suggesting customer information may now be circulating online. The company has not confirmed the full scope, but the situation is already drawing attention from security researchers.

For travelers, the bigger issue isn’t just what was taken. It is how that data can be used next.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

149 MILLION PASSWORDS EXPOSED IN MASSIVE CREDENTIAL LEAK

What we know about the Amtrak data breach

The breach was added to Have I Been Pwned on April 17, 2026, after a dataset attributed to Amtrak appeared online. According to that listing, the dataset includes more than 2.1 million unique accounts.

The exposed information listed by Have I Been Pwned includes email addresses, names, physical addresses and customer support records.

Separate reports suggest the total number of records could be significantly higher, with some estimates reaching up to 9.4 million, though that figure has not been confirmed by Amtrak.

Support interactions can reveal travel habits, preferences and past issues. That gives attackers more context to work with.

How the Amtrak data breach likely happened

The group linked to the attack, ShinyHunters, has a pattern. They often target cloud-based customer systems, especially platforms like Salesforce.

These systems store huge amounts of customer data in one place. That makes them efficient for businesses and valuable for attackers.

Attacks like this often involve exploiting access to cloud-based customer relationship management (CRM) environments rather than breaching internal networks directly.

In many cases, the breach does not require breaking into a company’s internal network. Instead, attackers exploit weak access controls, misconfigured settings or compromised credentials tied to cloud services.

Once inside, they can extract large datasets quickly and demand payment before releasing the data publicly.

Why the Amtrak data breach is different

Not all data breaches carry the same level of risk. This one stands out because of the type of information involved.

Basic contact details can already be used for spam. Add customer service history, and the situation changes. Attackers can reference real interactions to make their messages feel legitimate.

You might get an email that mentions a past trip, a refund request or a delayed train. It looks familiar. That is what makes it dangerous.

These tailored phishing attempts are far more convincing than generic scams.

HOW SCAMMERS BUILD A PROFILE ON YOU USING DATA BROKERS

What the Amtrak data breach means for you

If your data is part of this breach, the immediate risk isn’t someone logging into your account. The bigger concern is impersonation.

Attackers can use your information to build trust quickly. They may pose as Amtrak support, a travel partner or even a financial institution tied to a booking.

That increases the chance you click a link, share more details or approve a transaction without realizing what is happening.

Even if you have never had an issue before, this kind of exposure changes your risk profile.

We reached out to Amtrak for comment, but did not hear back before our deadline.

Why do companies keep facing this problem?

This breach highlights a larger issue with how companies manage data today. Many rely heavily on cloud platforms to store and organize customer information. These tools are efficient, but they also concentrate risk in one place.

A single misconfiguration or compromised login can open the door to millions of records.

As more businesses move to software-as-a-service (SaaS) platforms, attackers are following. The pattern is becoming more common, not less. 

How to check if your passwords were stolen

To see if your email was affected, visit Have I Been Pwned at haveibeenpwned.com. It is the first and official source for this newly added dataset.

• Enter your email address to find out if your information appears in the leak.
• When done, come back here for Step 1 below.

INSURANCE DATA BREACH EXPOSES SENSITIVE INFO OF 1.6 MILLION PEOPLE 

Ways to stay safe after a data breach

If your data may be part of this breach, a few smart moves now can lower your risk and help you stay ahead of scams that often follow.

1) Use strong, unique passwords for every account

If you reuse passwords, this is the moment to change that. A single leaked password can unlock multiple accounts. Use a password manager to generate and store complex passwords so you are not relying on memory or repeating the same login. Start with your email account first, since it can be used to reset passwords across many of your other accounts. Check out the best expert-reviewed password managers of 2026 at CyberGuy.com.

2) Turn on two-factor authentication

Two-factor authentication (2FA) adds a second layer of protection. Even if someone gets your password, they still need a code from your phone or app. Focus on email, banking and travel accounts first since those are common targets after breaches.

3) Watch for highly targeted phishing attempts

Be extra cautious with emails or messages that reference past trips or support requests. That level of detail can make scams feel real. Avoid clicking links or downloading attachments unless you are certain of the source. When in doubt, go directly to the company’s official website.

4) Monitor your financial and account activity

Check your bank accounts and credit cards regularly for unusual charges. Look for login alerts or password reset notifications you did not request. The faster you catch something, the easier it is to contain.

5) Use strong antivirus software on your devices

Strong antivirus software does more than scan for viruses. It can block malicious links, detect suspicious downloads and stop phishing attempts before they reach you. Keeping your devices protected adds an important layer between you and attackers trying to exploit stolen data. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

6) Remove your personal data from broker sites

Data brokers collect and sell your personal information, which increases your exposure after a breach. A data removal service can help reduce how much of your information is circulating online and make it harder for scammers to build detailed profiles about you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com/FreeScan

7) Use identity monitoring for early alerts

An identity monitoring service can track your personal information across databases and alert you to suspicious activity. That includes new accounts opened in your name or signs that your data is being misused. See my tips and best picks on Best Identity Theft Protection at CyberGuy.com

8) Freeze your credit for added protection

A credit freeze prevents anyone from opening new accounts in your name without your approval. It is one of the most effective ways to stop identity theft after a breach. You can place a freeze for free with the major credit bureaus and lift it anytime when needed.

Kurt’s key takeaways

The Amtrak breach is still unfolding, and key details remain unclear. What is clear is the direction these attacks are heading. They are becoming more targeted, more personal and harder to spot. For consumers, that means staying alert even when something looks familiar. For companies, it means tightening controls around the systems that hold the most sensitive data. You do not need to panic, but you do need to pay attention.

With breaches like this happening again and again, are companies doing enough to protect your personal information? Let us know by writing to us at CyberGuy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.

Amazon’s annual Gaming Week is bringing discounts on video games, accessories, and PC components through May 4th. This event is smaller than Amazon’s other sales, but there are some genuinely good deals. This year, we’ve found deals on popular titles like Elden Ring Nightreign, plus rare discounts on the Nex Playground console and on top-notch Nintendo Switch 2 controllers like the EasySMX S10. We’ve also found discounts on an assortment of laptops, monitors, and other gaming gear, some of which are happening at Amazon and other retailers, too.

You know that moment. You are driving along, and everything feels smooth. Then all of a sudden, your car hits a pothole you never saw coming.

It is frustrating. It can also be expensive and dangerous. Repairs add up fast, and unexpected road damage can lead to crashes.

Now, Waymo and Waze are trying to tackle that problem in a new way. Instead of waiting for people to report potholes after the fact, they want to detect them as they happen and help cities respond faster.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

RESEARCHERS CREATE REVOLUTIONARY AI FABRIC THAT PREDICTS ROAD DAMAGE BEFORE IT HAPPENS

How Waymo detects potholes behind the scenes

Waymo’s robotaxis already spend hours on the road each day. While they drive, they constantly scan their surroundings using cameras, sensors and onboard software. That same technology is now being used to identify potholes.

When a Waymo vehicle detects a road issue, that information is shared through Waze’s “Waze for Cities” platform. Cities and transportation departments can access the data at no cost. At the same time, the information shows up in the Waze app so drivers can see alerts as they approach a problem area.

There is also a human layer built in. Waze users can confirm or flag potholes, which helps improve accuracy over time. That combination of machine detection and real-world feedback creates a more reliable picture of road conditions. 

Why this is a big shift in how cities fix potholes

Most cities still rely on residents to report potholes through 311 systems or online forms. Crews then investigate and decide what to fix first. That process takes time and often leaves gaps. Some potholes go unreported. Others are reported too late. In many cases, cities end up reacting instead of getting ahead of the problem.

This new approach changes that. By using real-time data from vehicles already on the road, cities can see where issues are forming and respond more quickly. It also helps them spot patterns, which can improve how they plan repairs and allocate resources.

Where the Waymo and Waze pilot program is running

The partnership is still in its early phase, but it is already active in several major metro areas. The rollout includes the San Francisco Bay Area along with Los Angeles, Phoenix, Austin and Atlanta. These are places where Waymo already operates, which makes it easier to collect consistent data.

Even at this early stage, the system has already identified around 500 potholes across those cities. That gives you a sense of how much road damage can go unnoticed without constant monitoring.

Over time, the companies plan to expand into more regions, including areas where weather conditions make potholes more common.

PRIVATE AUTONOMOUS PODS COULD REDEFINE RIDE-SHARING

Why potholes are a bigger problem than they seem

Potholes may feel like a minor annoyance, but they have real consequences. They can damage tires, affect alignment and lead to costly repairs. In some cases, they contribute to accidents, especially when drivers swerve to avoid them or hit them at high speeds.

There is also a fairness issue. Areas that rely on resident reports may see uneven maintenance. Some neighborhoods get quicker fixes while others wait longer simply because fewer reports come in.

By combining automated detection with user input, this system aims to close those gaps and give cities a more complete view of road conditions.

What this means to you

You may not think much about the technology behind road maintenance, but it directly affects your daily drive. If this approach expands, it could lead to fewer surprise potholes and quicker repairs on roads you use every day. It may also mean better alerts in navigation apps, which gives you more time to react and avoid damage.

There is also a long-term benefit. Better data can help cities maintain roads more efficiently, which can reduce wear and tear on your car and lower the risk of unexpected repairs. At a broader level, it shows how data collected for one purpose can improve something completely different. In this case, the same systems that guide self-driving cars could make everyday driving safer for everyone.

Take my quiz: How safe is your online security?

Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my Quiz here: CyberGuy.com.

AIR TAXIS CUT HOUR-LONG COMMUTES TO MINUTES, RIDERS MAY BE SHOCKED BY THE PRICE

Kurt’s key takeaways

This might sound like a small idea at first. But it points to something much bigger. For years, cities have been playing catch-up when it comes to road maintenance. They rely on slow reports and limited data, which means problems often get fixed late or missed entirely. Now, that could start to change. With Waymo cars constantly scanning the roads, cities can tap into a steady stream of real-world data without having to build a whole new system from scratch. If this pilot works, it could change how cities stay on top of road repairs. And it is another example of how private tech is starting to shape public infrastructure in ways most people never see. That can be a good thing. But it also raises a bigger question about where that line should be drawn.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Have potholes ever cost you money or damage, and do you think tech like this could actually make a difference? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com. All rights reserved.