Credit Card Fraud: American Express blames third-party vendor for data breach, says report

livemint.com:

Amex Data Breach: American Express (Amex), a leading financial services and credit card company, disclosed a data breach on March 4, which they said impacted some cardholders. The company emphasised that its own systems were not compromised, but rather, the issue stemmed from a third-party merchant processor.

According to a report by Cybernews, Amex filed a precautionary data breach notification with the Massachusetts Attorney General's Office. The company spokesperson clarified that the incident "was not caused by a data breach at American Express or any of its service providers." Also Read | Ex-Amex CRO Priyadarshi Dutta joins Stashfin The report revealed that the breach originated from "a point-of-sale attack at a merchant processor" used by the American Express Travel Related Services Company.

The compromised information reportedly included names, card account numbers, and expiration dates for some card members. Also Read | The ghost of credit risk spooks Amex investors In a notification letter, Amex acknowledged that the information of some card members "may have been involved." The company emphasised its commitment to security and stated, "We strive to let you know about security concerns as soon as possible." Also Read | American Express Membership Rewards Credit Card: From rewards to eligibility; all you need to know Amex highlighted its robust security measures, including monitoring systems and safeguards to detect fraudulent activity.

The company also offers free fraud and account activity alerts through various channels. Furthermore, Amex assured card members that they wouldn't be held liable for fraudulent charges on their accounts.