American Express reports third party vendor breach, cards data exposed

American Express has reported to its customers that a data breach at a third-party vendor has compromised their personal credit card information. The incident occurred at a service provider associated with the American Express Travel Service, a platform that enables customers to make bookings for flights, hotels, and more, using an online portal.

American Express emphasized that the breach did not penetrate systems owned or controlled by American Express.

The breach exposed:

• account numbers,
• names,
• credit card details such as expiration dates

AmEx hasn't disclosed the number of affected individuals, it only stated that it impacts "some of its customers".

American Express clarified that the breach stemmed from a point of sale attack at a merchant processor, impacting data related to American Express card members, but hasn't named the third party vendor that was hit.

American Express reassures customers that they would not be held responsible for any fraudulent charges on their cards.