Wednesday, March 6, 2024

Smaller Bites – Connecting the Dots: American Express, Bank of America & Soros Funding, All Networking

American Express says customer data exposed in third-party breach

Cybernews.com

Updated on: March 04, 2024 8:31 PM

Image by Colin Hui | Shutterstock

https://cybernews.com/news/american-express-hit-by-third-party-data-breach/

American Express (Amex) credit card holders may have had some of their account information exposed via a third party breach, the company has disclosed.

The financial services and credit card giant filed a breach notification letter as “a precautionary measure” with the Massachusetts State Attorney Generals Office on March 4th.

An American Express spokesperson told Cybernews the “incident was not caused by a data breach” at the company of any of its service providers.

The breach was the caused by “a point-of-sale attack at a merchant processor in which American Express Card member data was impacted,” they said.

It has been reported the merchant processor at the center of the hack is used by the American Express Travel Related Services Company, one of the entities under the company’s travel services division.

The Amex notification letter states that the account information of some Card Members “may have been involved,” including:

§  Your name

§  American Express Card account number

§  Expiration date

This applies to credit card account numbers that are currently active or were previously issued, which means some customers may receive more than one letter about the incident, the company said.

Image by Cybernews.

The breach notification letter states that Amex was informed by the third-party service provider – which is used by numerous merchants – that it had “experienced unauthorized access to its system” but did not provide any specific dates.

“A courtesy notice of this incident was provided to the Massachusetts regulators due to impacts to American Express Card members residing in Massachusetts,” the spokesperson said.

Amex addresses card holders

“Protecting the security of our Card Members’ information is very important to us and we strive to let you know about security concerns as soon as possible,” American Express said.

American Express Card Members will not be liable for fraudulent charges on their accounts, and the company will take protective actions if it sees any unusual activity on an account, the spokesperson told Cybernews.

“We have sophisticated monitoring systems and internal safeguards in place to help detect fraudulent and suspicious activity.”

Amex is recommending customer regularly review and monitor their account activity, and immediately contact Amex if they detect any suspicious activity.

“For added protection, customers can receive free fraud and account activity alerts via email, SMS text messaging, and/or notifications through our app,” the spokesperson added.

Headquartered in lower Manhattan, American Express provides multiple banking services, such as online checking and savings accounts, to personal loans, as well as corporate and luxury travel programs.

There are over 121 million Amex card holders worldwide, according to the latest research by Zippia, with more than 50% of those card holders in the United States.

Third-party service providers need to be held accountable

Liat Hayun, CEO and co-founder of Eureka Security highlighted to Cybernews that the Amex breach is “coming just weeks after similar incidents at Bank of America.”

“This incident likely stemming from unauthorized system access… underscores the critical need for organizations to hold their service providers accountable for data security,” Hayun said.

Mid-February, it was revealed that the data of more than 50,000 Bank of America customers was exposed from a third party breach of the American financial services Infosys McCamish Systems (IMS).

The IMS breach which took place last November was eventually claimed by the LockBit ransomware gang.

It was the second third-party breach for Bank of America in 2023 – BOA fell victim to the infamous MoveIT hacks when accounting giant Ernst & Young was hit by the Cl0p ransom group, exposing another 30,000 customers.

“Lessons from past breaches highlight the importance of robust access controls,” Hayun said.

“While mapping access points for sensitive data can be complex, it's a crucial security measure that organizations must prioritize in alignment with their overall business objectives and compliance requirements,” she said.

Connecting the Dots:

James D. Robinson III was the chairman & CEO for the American Express Company (Bailout Company) and is an honorary trustee at the Brookings Institution (think tank).

Joan E. Spero was the EVP for the American Express Company (Bailout Company) and an honorary trustee at the Brookings Institution (think tank).

A.W. Clausen was an honorary trustee at the Brookings Institution (think tank) and the chairman & CEO for the Bank of America Corp.

Foundation to Promote Open Society was a funder for the Brookings Institution (think tank).

George Soros is the chairman for the Foundation to Promote Open Society.

Vernon E. Jordan Jr. is an honorary trustee at the Brookings Institution (think tank), a senior counsel for Akin, Gump, Strauss, Hauer & Feld, LLP, Valerie B. Jarrett’s great uncle and was a director at the American Express Company (Bailout Company).

Akin, Gump, Strauss, Hauer & Feld, LLP is the lobby firm for the American Express Company (Bailout Company).

Stephen J. Squeri is the group president for the American Express Company (Bailout Company) and a trustee at the Harlem Children's Zone.

George Soros was a benefactor for the Harlem Children's Zone and is the chairman for the Foundation to Promote Open Society.

Foundation to Promote Open Society was a funder for the Harlem Children's Zone, the International Rescue Committee and the ClimateWorks Foundation.

Thomas Schick is a director & overseer for the International Rescue Committee and the EVP for the American Express Company (Bailout Company).

Richard C. Levin is a director at the American Express Company (Bailout Company) and the vice chair for the ClimateWorks Foundation.

Resources: Past Research

American Express Company (Bailout Company) (Past Research on the American Express Company)

SUNDAY, NOVEMBER 3, 2013

https://thesteadydrip.blogspot.com/2013/11/american-express-company-bailout-company.html

Bank of America Reaches $17 Billion Mortgage Settlement with US (Past Research on Bank of America)

FRIDAY, AUGUST 22, 2014

https://thesteadydrip.blogspot.com/2014/08/bank-of-america-reaches-17-billion.html

No comments:

Post a Comment