Following a survey conducted by the Authorities, it was discovered that cardholder information American Express were exposed to unauthorized persons. The evidence that led the authorities to conduct the investigation and how these elements could have been reached by the fraudsters has not been clarified. Also unclear is whether American Express helped research.
From the research done, it was found that at least 500 individuals in California were affected by the incident. All affected people will receive a notification letter if they are not already, as required by the California law.
The information found to be affected includes the American Express card number of the card, the holder's name, expiration date, and SSN.
Number social security SSN, and the name of the holder, are sufficient as evidence for fraudsters to make profit from these data, taking advantage of the tax statements of individuals. Credit card numbers are marketed online on its website deep web. For these data, it is very likely, as the Authorities report, to have used one Phishing type method for interception their.
American Express has already taken measures to reduce the risk of the incident. The company also put in place a new credit card tracking system, which will send a notice in case of suspicious activity.
The recipients of the letter from AMEX will not be charged any card charges during the incident and will also receive a one-year free subscription to the security service.