American Express Credit Cards HACKED in Third Party Vendor Data Breach

American Express is alerting its customers about a data breach in which hackers accessed personal credit card information through a third-party vendor.

Credit card account numbers, names and other information, such as the expiration date of “some customers,” have been compromised, the financial services company shared in a letter filed with the state of Massachusetts.

The incident occurred at the company’s American Express Travel Service, which allows customers to book flights, hotels and other reservations through an online portal.

American Express encourages all cardholders to check their statements and alert the company if fraudulent charges have occurred.

Anneke Covell, Chief Privacy Officer, wrote: ‘We became aware that a third-party service provider engaged by numerous merchants experienced unauthorized access to their system.

“It is important to note that American Express-owned or controlled systems were not compromised by this incident, and we are providing this notice out of an abundance of caution.”

The letter does not detail the number of people affected or when the incident occurred.

While information about the breach is scarce, it appears that American Express sent letters to customers with compromised credit cards.

“At this time, we have been informed that your current or previously issued American Express Card account number, your name, and other Card information, such as the expiration date, may have been compromised,” the notice reads. signed by Covell.

American Express said beepcomputer which has submitted appropriate notification to regulatory authorities following the hack.

“When we learn of a data security incident affecting our customers, we immediately begin an investigation and notify the appropriate regulatory authorities as necessary,” American Express told BleepingComputer.

“We also work to identify affected customers and understand the specific impacts, and then notify them as required by applicable laws and regulations.

DailyMail.com has contacted American Express for comment.

The financial company noted in the letter that customers who participated in the breach “are not responsible for fraudulent charges” made on their credit cards.

To check if their American Express card may have been compromised, users are urged to log into their accounts to look for unusual charges and turn on notifications to stay up to date with information about the breach.

The incident occurs less than two years after another that affected 1.2 million customers who had their card number, expiration data, CCV, telephone number, address, social security number and other personal data stolen.

American Express said the 2022 breach was implemented by a third-party merchant, allowing sensitive information to leak to the dark web.