American Express is notifying some customers that their card member information may have been compromised, including names, account numbers and expiration dates.
The global payments and travel company, also known as Amex, reportedly filed a notice to customers with the Office of the Attorney General in California on March 10, 2016.
Signed by American Express Chief Privacy Officer (CPO) Stefanie Ash, the notice explained the corporation became aware that a certain third party service provider, which engages with numerous merchants, experienced unauthorized access to its systems.
“It is important to note that American Express owned or controlled systems were not compromised by this incident, and we are providing this notice to you as a precautionary measure,” said Ash.
The company noted it is “vigilantly monitoring” customer accounts for fraud, and told customers they would not be held liable for fraudulent charges, if they should occur.
The notice stated customers could receive more than one letter regarding the incident if more than one of their American Express Card accounts were affected.
Cardholders are also advised to carefully review their account statements and sign up to receive instant notifications of potential suspicious activity.
Amex did not disclose details on the number of records compromised or the third party involved.
“Especially in today’s environment, we understand that your security is paramount,” said Ash.
“We are strongly committed to protecting the privacy and security of your information and regret any concern this may have caused you. As always, thank you for your trust in us, and for your continued Card Membership,” read the notice.