Rail Product News
Media Kit » Try RailPrime™ Today! »
Progressive Railroading
Newsletter Sign Up
Stay updated on news, articles and information for the rail industry

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

View Current Digital Issue »


Rail News Home Security


Rail News: Security

Alaska Railroad reports cybersecurity breach

The breach occurred Dec. 25, 2022, and was discovered and contained March 18.
Photo – alaskarailroad.com


Alaska Railroad Corp. (ARRC) yesterday reported a cybersecurity incident occurred late last year when a third party gained unauthorized access to the company's internal data network.

On Dec. 25, 2022, the unauthorized user accessed and acquired personal information regarding ARRC vendors and current and former employees, including their dependents, ARRC officials said in a press release. The company's IT department discovered and contained the breach March 18.

The unauthorized user stole identifying information, including Social Security numbers, banking information, mailing addresses, email addresses and phone numbers, ARRC officials said. The information also could include driver's license or government-issued identification numbers, dates of birth, health insurance information, drug screening results, work evaluations and birth or marriage certificates.

ARRC is investigating the incident, but confirmed that the breach did not extend to a separate portion of the company's network that controls and contains data related to its passenger and freight operations. There is no indication that any riders' personal information was compromised, company officials said.

The railroad has put additional security measures in place to prevent a recurrence. ARRC notified those impacted and offered them free identity protection monitoring for two years.