American Express warns customers about third party data breach

American Express has sent affected customers a warning that “a third party service provider engaged by numerous merchants experienced unauthorized access to its system.”

In a subsequent update, American Express explained that the breached party was a merchant processor, not a service provider.

The account information of some card holders may have fallen into the wrong hands. The accessed information includes account numbers, names, and card expiration dates.

Further details about which merchant processor was involved, and how, are not available at the time of writing.

American Express said it notified the required regulatory authorities and is alerting impacted customers. The company also told BleepingComputer that if a card member’s credit card is used to make fraudulent purchases, customers won’t be responsible for the charges.

American Express is advising customers to carefully review their account for fraudulent activity. Below are some steps you can take to protect your account.

  • Log in to your account at americanexpress.com/MYCA to review your account statements carefully and remain vigilant in doing so, especially over the next 12 to 24 months.
  • If your card is active, sign up to receive instant notifications of potential suspicious activity by enabling Notifications in the American Express Mobile app, or signing up for email or text messaging at americanexpress.com/accountalerts.
  • Make sure American Express has your correct mobile phone number and email address so the company can contact you if needed.
  • If you receive an email relating to American Express that you believe could be fraudulent, immediately forward it to UKemailfraud@americanexpress.com. Do not include your account number in the email.

Beware of scammers

Scammers are always on the lookout for data breaches, as they present an opportunity for phishing. There are a few tips to keep in mind.

  • American Express will never ask for sensitive account details by email or phone.
  • Do not install software when asked out of the blue, especially if it reaches you as an email attachment.
  • Scammers will always invoke a feeling of urgency. Don’t let scammers rush you into making wrong decisions.
  • Keep your anti-malware software and security patches up to date to prevent fraudsters from accessing your details via your computer.
  • If you’re an Android user, be wary of screen overlays on your devices that could capture entered information while you think you are in the actual app. Screen overlays are hard to recognize, but on Android you can check Settings > Apps & notifications > Special access > Draw over other apps. (Note that the path may be slightly different depending on your Android version and the phone vendor.) Once there, you can review all apps that have the option to “draw over” other apps and see whether or not they have the permission to do so.

Data breach

There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

  • Check the vendor’s advice. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer.
  • Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you.
  • Enable two-factor authentication (2FA). If you can, use a FIDO2-compliant hardware key, laptop or phone as your second factor. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device can’t be phished.
  • Watch out for fake vendors. The thieves may contact you posing as the vendor. Check the vendor website to see if they are contacting victims, and verify any contacts using a different communication channel.
  • Take your time. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.
  • Set up identity monitoring. Identity monitoring alerts you if your personal information is found being traded illegally online, and helps you recover after.

Digital Footprint scan

If you want to find out how much of your own data is currently exposed online, you can try our free Digital Footprint scan. Fill in your email address (it’s best to submit the one you most frequently use) and we’ll send you a report.

