American Express says hackers stole a bunch of customer data

American Express
Reuters/Mike Blake

American Express is warning some customers that their personal details may have been exposed due to a data breach of a third-party service provider.

Advertisement

A notification letter filed with the California Attorney General's office on March 10 explains the credit card company became aware "that a third party service provider engaged by numerous merchants experienced unauthorized access to its system" — meaning that a hacker/hackers likely gained access to a database and downloaded customer info.

The letter didn't offer specifics as far as to what the cybercriminals stole, other than saying that "some" account information, "may have been involved." The company says in the letter the data apparently includes customer account numbers, names, and other card information.

The breach occurred on Dec. 7, 2013, but it did not involve American Express-owned systems.

The number of customers affected was not immediately apparent, but California law states these breach notification letters need to be given to the attorney general if more than 500 people in the state are affected.

Advertisement

American Express did not immediately respond to a request for comment.

Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.

Jump to

  1. Main content
  2. Search
  3. Account