Report File
Date Issued
Submitting OIG
Amtrak (National Railroad Passenger Corporation) OIG
Other Participating OIGs
Amtrak (National Railroad Passenger Corporation) OIG
Agencies Reviewed/Investigated
Amtrak (National Railroad Passenger Corporation)
Report Number
OIG-WS-2024-341
Report Description
Amtrak notified our office February 16, 2024, of a potential data‐sharing incident. Our investigation found that an employee granted two third‐party email accounts access to an Amtrak OneDrive/SharePoint folder which contained 369 company files related to an Amtrak program. As a result of our investigation into the incident, the company took remedial action to optimize Microsoft tools for data loss prevention, conducted routine auditing and removal of guest accounts, completed additional security enhancements, and provided alerts for risky file sharing.
Report Type
Investigation
Questioned Costs
$0
Funds for Better Use
$0
Additional Details
