US-based fintech major
American Express
(Amex) has disclosed that some of the credit card holders may have had some of their account information exposed via a
third party breach
. According to a report by Cybernews, the financial services and credit card company has filed a breach notification letter as “a precautionary measure” with the Massachusetts State Attorney General's Office.
The report cited an American Express spokesperson saying that the “incident was not caused by a
data breach
” at the company or any of its service providers.
What caused the data breach
The breach was caused by “a
point-of-sale attack
at a merchant processor in which American Express Card member data was impacted,” the report noted.
This hack was reportedly caused by the merchant processor which is used by the American Express Travel Related Services Company. It's one of the entities under the company’s travel services division.
What the company has to say
In a notification letter Amex states that the account information of some Card Members “may have been involved,” tha included:
- Name
- American Express Card account number
- Expiration date
In a statement, the company spokesperson said: “Protecting the security of our Card Members’ information is very important to us and we strive to let you know about security concerns as soon as possible.
We have sophisticated monitoring systems and internal safeguards in place to help detect fraudulent and suspicious activity.
For added protection, customers can receive free fraud and account activity alerts via email, SMS text messaging, and/or notifications through our app.”
American Express Card Members also won’t be held liable for fraudulent charges on their accounts, the report added.
As per the latest research by Zippia, there are over 121 million Amex card holders worldwide and more than 50% of them live in the US.
In 2022, there were almost 1.5 million Amex credit card holders from India, reported the news agency Reuters.
English (US) ·