American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. In the data breach notification filed with the state of Massachusetts, Amex said the breach occurred at one of its service providers used by their travel service division, American Express Travel Related Services Company.
Darren Williams, CEO and Founder, BlackFog had this comment:
“The potential impact of the American Express data breach is not yet known, as it is unclear whether customers’ data was simply accessed or if it has been exfiltrated through the third party provider. If the sensitive data of customers, including card numbers and expiration dates, has been exfiltrated by attackers, it can be used to not only make fraudulent purchases, but also to extort customers into further payments. All service providers who hold customer data should be investing in threat intelligence and anti data exfiltration technology to avoid attacks just like these.”
Since American Express filed a data breach notification, I assume that more details will be forthcoming. Because this data breach could be bad, or really really bad. And it is in everyone’s best interests to find out which.
Related
This entry was posted on March 4, 2024 at 12:36 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
American Express Service Provider Pwned Exposing American Express Customer Data
American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. In the data breach notification filed with the state of Massachusetts, Amex said the breach occurred at one of its service providers used by their travel service division, American Express Travel Related Services Company.
Darren Williams, CEO and Founder, BlackFog had this comment:
“The potential impact of the American Express data breach is not yet known, as it is unclear whether customers’ data was simply accessed or if it has been exfiltrated through the third party provider. If the sensitive data of customers, including card numbers and expiration dates, has been exfiltrated by attackers, it can be used to not only make fraudulent purchases, but also to extort customers into further payments. All service providers who hold customer data should be investing in threat intelligence and anti data exfiltration technology to avoid attacks just like these.”
Since American Express filed a data breach notification, I assume that more details will be forthcoming. Because this data breach could be bad, or really really bad. And it is in everyone’s best interests to find out which.
Share this:
Like this:
Related
This entry was posted on March 4, 2024 at 12:36 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.