American Express card data exposed in third-party breach

2024-12-25 23:08:13 source:lotradecoin focus category:Invest

Michigan AG Nessel offers tips to avoid identity theft
Michigan AG Nessel offers tips to avoid identity theft 02:51

American Express Co. has told an undisclosed number of cardholders that their account information may have been breached in a recent hacking of a merchant processor. 

Current and previously issued American Express Card account numbers, expiration dates and customer names may have been compromised, AmEx stated in a notice filed last week with Massachusetts regulators. 

"A third party service provider engaged by numerous merchants experienced unauthorized access to its system," Anneke Covell, AmEx's vice president, U.S. & AENB privacy, stated in the notice. "American Express owned or controlled systems were not compromised by this incident." 

AmEx said it's actively monitoring the potentially impacted accounts for fraud, and stressed customers are not liable for fraudulent charges. The New York-based financial services company urged customers to review their accounts for fraudulent activity, sign up to get instant notifications of potential suspicious activity and to make sure their contact information is current. 

There are different circumstances under which financial institutions may report incidents, according to AmEx, which cited a blog post on the Massachusetts state website. "For example, a financial institution may report an incident that occurred at a retailer where the consumer used their bank-issued card," the company said.

In responding to a request for further comment, AmEx declined to disclose the number of those potentially impact nor the geographical reach of the breach.

"The incident that you are inquiring about occurred at a merchant processor and was not an attack on American Express or an American Express service provider, as some media outlets have erroneously reported. Because customer data was impacted, American Express provided notice of the incidents to Massachusetts agencies and impacted customers who reside in Massachusetts," a spokesperson stated in an email.

"We have sophisticated monitoring systems and internal safeguards in place to help detect fraudulent and suspicious activity. If we see there is unusual activity that may be fraud, we will take protective actions," the spokesperson noted.

Customers who notice any suspicious activity on their account can call: 1-855-693-2213. 

    In:
  • Data Breach
Kate Gibson

Kate Gibson is a reporter for CBS MoneyWatch in New York.

More:Invest

Recommend

California judges say they’re underpaid, and their new lawsuit could cost taxpayers millions

California judges make a good living. They earn at least $240,000 and can count on a raise just abou

U.S. destroys last of its declared chemical weapons

The last of the U.S. declared chemical weapons stockpile was destroyed in eastern Kentucky at a mili

Kate Spade 24-Hour Flash Deal: Get This $300 Crossbody Bag for Just $59

We independently selected these deals and products because we love them, and we think you might like