Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Almighty Buck Crime Privacy Your Rights Online

American Express Warns Customers About Breach -- From 2013 (csoonline.com) 32

itwbennett writes: In a notification letter dated March 10, American Express warned cardholders that their account information might've been exposed after a third-party service provider suffered a data breach — in December 2013. The company says they are monitoring accounts for fraud and advise cardholders to do the same, but they offer no explanation for the delay.
This discussion has been archived. No new comments can be posted.

American Express Warns Customers About Breach -- From 2013

Comments Filter:
  • The company says they are monitoring accounts for fraud and advise cardholders to do the same, but they offer no explanation for the delay.

    Probably because some of the data from the breach was recently seen on the various black-market sites that sell the information.

  • by Anonymous Coward

    Unlike Visa and Mastercard, who do nothing but process cards and pass all the lending risk to the banks, American Express loans out their own money. They know about a breach and fail to do anything about it, they're the ones eating the bill.

  • someone forgot to put a cover sheet on the TPS report. ;)

  • Big company data breaches these days pretty regularly expect lawsuits to result. While some of them (Amex is probably included) mostly avoid responsibility by including no-class-action and arbitration clauses in their contracts, they are still going to make sure every word of an announcement like this is vetted by their litigation counsel.

    That means that explanations that may be used against them in court are not going to be included.

    It also means that this announcement is written to consumers, but it is a

  • There simply has to be some way that a second party can be paid without without revealing details about the first party. Hopefully somebody is working on a solution to this obvious weakness in secured transactions.

  • I already noticed when I got my credit card bill years ago with a ton of fraud charges. My situation might have been unique as I'd never used my Amex card (being in Canada, there aren't a lot of places that take it). They told me they already knew that I had been a fraud victim and reversed all the charges without be having to do anything.
  • by aglider ( 2435074 ) on Thursday March 17, 2016 @02:09AM (#51713353) Homepage
    They ran out of gas!
    Th -- they had a flat tire!
    They didn't have enough money for cab fare!
    Their tux didn't come back from the cleaners!
    Some old friend of theirs came in from out of town!
    Someone stole their car!
    There was an earthquake!
    A terrible flood!
    Locusts!
    Hackers!

    IT WASN'T THEIR FAULT, THEY'VE SWORN TO GOD!
  • by l0n3s0m3phr34k ( 2613107 ) on Thursday March 17, 2016 @03:38AM (#51713515)
    Whomever this company is needs to be named. TFA mentions that this is the same data Affinity Gaming reported, and now their suing the ITSEC corp Trustwave whom they hired to contain the breach [arstechnica.com] since Trustwave failed and Affinity got hit again. This article [lowcards.com] says that it was a breach of the card processing system used for non-gambling (hotel, food, etc) purchases, so it appears this "third party" is a credit card processor that sits in between Affinity and AMEX.

    I'm betting AMEX isn't the only card company hit in this, but there are so many data breaches unless you work in credit card ITSEC you probably don't keep good enough track of it all to tie it all together. It could be CK Systems [cksystem.com], they are a CC processor that got hit in 2013.
  • Amex sent me the letter regarding the breach. After seeing they wanted me to closely watch my account activity for the next 12 to 24 months, I concluded I it was more effort than I was willing to expend. I contacted Amex to get more information regarding the breach. They, understandably, would not / could not offer more information and stated there is an ongoing investigation. After telling the nice lady their recommendations were more than I was willing to do, I asked for a replacement card. It was ei

"It's ten o'clock... Do you know where your AI programs are?" -- Peter Oakley

Working...