March 4, 2024 at 05:25PM
American Express notified customers of a breach involving a third-party service provider. The company’s own systems were not compromised, but credit card information such as account numbers and names are at risk. Potentially affected users are advised to monitor their accounts for fraudulent activity and enable notifications on the American Express Mobile app. CEO Liat Hayun highlighted the importance of robust access controls and service provider accountability.
From the meeting notes, the key takeaways are as follows:
1. American Express has notified customers of a data breach involving a third-party service provider used by its travel services division.
2. The breach compromised credit card information such as account numbers, names, and expiration dates, putting affected users at risk of fraudulent activity.
3. American Express advises potentially affected users to review their accounts for fraudulent activity over the next 12 to 24 months and to enable notifications on the American Express Mobile app.
4. Liat Hayun, CEO and co-founder of Eureka Security, highlighted the importance of holding service providers accountable for data security in the wake of the breach.
5. The Bank of America breach, involving a ransomware attack on its third-party provider, Infosys McCamish Systems, affected at least 57,028 customers, potentially compromising sensitive information including Social Security numbers and addresses.
6. American Express has provided tips for users to protect their information and has assured that they will not be held liable for fraudulent charges on their accounts.
Please let me know if you need any further information or if there’s anything specific you’d like to focus on!