cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

American Express customers exposed in third-party breach

American Express customers are being notified that their account information may have been exposed after a third party suffered a data breach.

user icon Daniel Croft
Tue, 05 Mar 2024
American Express customers exposed in third-party breach
expand image

The world-renowned bank holding company disclosed the incident in a data breach notice filed with the state of Massachusetts this week.

“We became aware that a third-party service provider engaged by numerous merchants experienced unauthorised access to its system,” the notice read.

“Account information of some of our card members, including some of your account information, may have been involved.”


According to the notice, data affected in the incident includes current and former American Express card account numbers, names, and other card information, such as expiration dates.

American Express has said that in response to the breach, it is monitoring accounts carefully for instances of fraud, and in cases where fraudulent purchases are made, American Express said customers “are not liable.”

The financial services company also stressed that its own systems were not breached, rather that the systems of a third-party merchant used frequently by the company’s travel services division suffered a case of unauthorised access.

“It is important to note that American Express owned or controlled systems were not compromised by this incident, and we are providing this notice to you as a precautionary measure,” the company added.

The affected third party has not been disclosed, and it is also currently unknown just how many American Express customers have been exposed as a result of the breach.

American Express has advised those who believe they are affected to review their accounts for fraudulent transactions and activity for the next 12 to 24 months and enable American Express mobile app notifications. It has also suggested that those who witness fraudulent transactions or suspect their data has been stolen request a new card number.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.