Travel Breaches Expose 2.1 Million Amtrak Accounts and Other Booking Data to Scammers
Updated
Updated · Fox News · Jul 2
Travel Breaches Expose 2.1 Million Amtrak Accounts and Other Booking Data to Scammers
3 articles · Updated · Fox News · Jul 2
Summary
Hundreds of thousands of travelers had booking details exposed this spring, with scammers in some cases sending messages quoting real hotel names and check-in dates before breach notices arrived.
Travel bookings often bundle names, addresses, trip dates, payment details and sometimes passport numbers, giving criminals enough information to mimic hotels, airlines or family emergencies convincingly.
Recent incidents span Booking.com in April 2026, Amtrak with more than 2.1 million accounts exposed, Carnival in June affecting nearly 6 million people, and a 2025 KLM-Air France third-party breach.
The weak point is often not the brand itself but hotel staff accounts, customer-service vendors or a single compromised user account, making the problem an industry-wide partner-chain risk.
Recommended defenses include verifying booking messages through official sites, using credit or virtual cards, enabling alerts and 2FA, deleting stored passport or card data, and setting a family code word.