UPDATE 3/4/24: American Express clarified that it was a merchant processor who was hacked and not one of their service providers.
The company, under the name “American Express Travel Related Services Company,” has filed the American Express Data Breach notification with the state of Massachusetts. In this notification, they advise customers to be aware that their credit card information may have been compromised.
“We became aware that a third party service provider engaged by numerous merchants experienced unauthorized access to its system,”
“Account information of some of our Card Members, including some of your account information, may have been involved. It is important to note that American Express owned or controlled systems were not compromised by this incident, and we are providing this notice to you as a precautionary measure.”
Explains the American Express data breach notification.
Personal Customer Information Compromised in American Express Data Breach 2024
Due to the data breach, the hackers managed to gain access to crucial information, including American Express Credit Card account numbers, names, and card expiration data.
However, specific details regarding the number of affected customers, the identity of the breached merchant processor, and the exact timing of the attack remain unclear.
When requested for further information, American Express declined to disclose specifics about their business relationships and merchant partners, stating that they currently have no additional details to share.
The company has taken appropriate steps in response to the American Express credit card data breach . They have fulfilled their obligation by notifying the necessary regulatory authorities about the incident. Additionally, they are actively reaching out to the customers who have been affected by this breach.
“When we learn about a data security incident that impacts our customers, we promptly begin an investigation and notify the appropriate regulatory authorities, as required,”
“We also work to identify impacted customers and understand the specific impacts, and then notify them as required by applicable laws and regulations.
American Express in a statement BleepingComputer.
American Express has assured that customers will not bear any responsibility for fraudulent charges made using their credit cards. In light of the breach, American Express advises customers to diligently review their account statements for the next 12 to 24 months and promptly report any suspicious activity.
To enhance security measures, the company recommends enabling instant notifications through the American Express mobile app. This will ensure customers receive timely alerts about potential fraud and stay informed about their card usage.
Considering the possibility of stolen card information being sold on cybercrime platforms, it may be advisable for affected customers to request a new card number to mitigate any further risks.
