Amex Customer Data Exposed in Third-Party Breach

  /     /     /  
Publicated : 23/11/2024   Category : security


Amex Customer Data Exposed in Third-Party Breach


The breach occurred through a third-party service provider frequently used by the companys travel services division.



American Express is notifying its customers that their credit cards were exposed in a breach involving a third-party service provider.
In a
data breach notification
filed with the state of Massachusetts, the American bank holding and financial services company notes that its own systems were not compromised by the incident. 
The breach instead occurred through a provider frequently used by the companys travel services division.
Credit card information such as American Express card account numbers, names, and expiration dates are at risk, and users should expect follow-up contact from the company if they have more than one American Express card involved in the breach. 
Anyone who has been potentially affected should review their accounts for fraudulent activity periodically over the next 12 to 24 months. Users should also enable notifications from the American Express Mobile app to stay up to date with their account activity. 
The recent data breach impacting American Express customers, coming just weeks after similar incidents at Bank of America, underscores the critical need for organizations to hold their service providers accountable for data security, said Liat Hayun, CEO and co-founder of Eureka Security, in an emailed statement. Lessons from past breaches highlight the importance of robust access controls, as this incident likely stemmed from unauthorized system access.
The
Bank of America breach
that Hayun referred to was a leak that occurred just last month after a ransomware attack breached one of its third-party providers, Infosys McCamish Systems (IMS), affecting at least 57,028 customers. Though IMS reported that it would not be able to determine with certainty precisely what information was compromised, it likely included sensitive material such as Social Security numbers, names, addresses, dates of birth, and other private information.
American Express has provided tips in its letter to users to protect their information and assures that should users find fraudulent activity on their accounts, they will not be held liable for those charges.

Last News

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Amex Customer Data Exposed in Third-Party Breach