SoylentNews

Fnord666 [soylentnews.org] writes:

American Express Customer Info Accessed by Employee for Possible Fraud

An American Express employee is being investigated for accessing card holder information and potentially using it to open accounts at other financial institutions.

Starting on September 30th, 2019, American Express began sending out data breach notifications to cardholder members whose information was fraudulently accessed by an employee.

According to this notification, an employee was accessing the information for cardholders and potentially using it to perform identity theft by fraudulently opening accounts at other financial institutions.

"It was brought to our attention that personal information, related to your American Express Card account listed above, may have been wrongfully accessed by one of our employees in an attempt to conduct fraudulent activity, including potentially opening accounts at other financial institutions. In response, we immediately launched an investigation and are fully cooperating with law enforcement agencies to further their investigation."

The information that was accessed for affected members includes the full name, physical and/or billing address, Social Security numbers, birth dates, and the credit card number.

While the notifications are titled "Notice of Data Breach", this is not the same type of data breach that we commonly report on. No systems were hacked or databases stolen.

Instead this was an employee of American Express accessing information when they were not supposed to in order to use it for fraudulent purposes.

Source: BleepingComputer [bleepingcomputer.com]

Original Submission