A group of malicious hackers has leaked data from around 10,000 American Express cardholders in Mexico on a dark web hacking forum; the information is available to any interested party at no cost. As if that were not enough, those responsible for the filtration claim to have the information of the customers of some banks in Mexico such as Santander and Banamex.
The leak exposed the full numbers of the exposed cards, in addition to the personal records of all affected customers, including:
- Full names
- Phone numbers
- Email address
- Date of birth, among other details
Experts who have analyzed this leak mention that, so far, the publication of other sensitive financial data that could allow malicious use of compromised cards has not been detected. This is not to say that the information cannot be used against affected users, as this data is more than enough to deploy phishing or invasive marketing campaigns.
Although American Express has already received multiple requests for information, the company has not confirmed or denied a potential data breach, however, they point out that no fraudulent charges have been reported arising from this incident: “We are aware of these reports and will continue to investigate. At the moment we have no further comments.”
The company continues its message by mentioning that they have the most sophisticated security systems, so the accounts of affected users will be constantly monitored for any signs of malicious activity: “If we find evidence of fraudulent activity, we will take appropriate precautionary measures,” concludes the release.
American Express customers are advised to stay on top of any potential risks, monitor their email, text messages, and phone calls, as they may become targeted by a fraudulent campaign.
Details about hackers’ threats are unknown so far, although representatives of Santander or Banamex are expected to speak out in the coming days.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.