INVESTIGATION LEADS TO INFORMATION TECHNOLOGY SECURITY UPDATES
Amtrak notified our office February 16, 2024, of a potential data‐sharing incident. Our investigation found that an employee granted two third‐party email accounts access to an Amtrak OneDrive/SharePoint folder which contained 369 company files related to an Amtrak program. As a result of our investigation into the incident, the company took remedial action to optimize Microsoft tools for data loss prevention, conducted routine auditing and removal of guest accounts, completed additional security enhancements, and provided alerts for risky file sharing.