Amex Cardholder Data Exposed in Third-Party Breach
American Express (Amex), a leading financial services giant, revealed a data breach on March 4th affecting some cardholders. The company clarified that the breach stemmed from a third-party merchant processor, not a compromise of Amex's own systems.
Cybernews reports that Amex filed a data breach notification with the Massachusetts Attorney General's Office. An Amex spokesperson emphasized, "this incident was not caused by a data breach at American Express or any of its service providers."
Breach Originates with Merchant Processor
The compromised data reportedly includes cardholder names, account numbers, and expiration dates. It's believed the breach resulted from a "point-of-sale attack" on a merchant processor used by the American Express Travel Related Services Company.
Amex Acts, Customers Protected
Amex acknowledged in a notification letter that "the information of some card members may have been involved." The company highlights its commitment to security and proactive monitoring measures. Amex assures cardholders they will not be held liable for fraudulent charges.
Potential Global Impact
With millions of cardholders worldwide, this breach highlights the ongoing risks in the digital landscape. Consumers and financial institutions alike must remain vigilant to protect sensitive information.