Security & Fraud

Amex Suffers Breach In India

Amex India Database Accessible in October

American Express India enabled a database to be accessible to anyone for longer than five days in October, according to a report in The Next Web.

According to the report, the Hacken cyber consultancy team’s director of cyber risk research, Bob Diachenko, discovered the unprotected database on Oct. 25, and told The Next Web that it included customer names, phone numbers, addresses, PAN numbers and Aadhaar IDs.

Diachenko said the database was mostly encrypted, but that certain data sets included readable data. The largest had 689,272 records available in plain text, noted the report. The researchers said the Amex MongoDB database had been available on BinaryEdge – a popular list of exposed databases – since Oct. 20, but potentially even longer.

The report noted that Amex’s database was already available to the public five days before Diachenko found it. Diachenko said that he found an additional 2.3 million records that were encrypted and were managed by a third-party company instead of Amex’s own team. Amex reportedly fixed the problem as soon as it received the alert, and said the encryption prevented any access and impact to customer data.

In October, American Express posted results that showed increases in card member spending and lending activity. Overall, billed business gained 8 percent to $294.7 billion, filings showed. (Billed business is defined as transaction volume, including cash advances.) The company said in its release that total card member spending was up 8 percent, and 10 percent when adjusted for FX.

In terms of headline numbers, American Express posted a profit of $1.88, which beat expectations by $.11. Revenues of $10.1 billion edged expectations of $10.05 billion. Discount fees, which are charged to merchants, stood at $6.2 billion, gaining 8 percent for the year. Top-line segmentation showed that total consumer services revenues, net of interest expense, was $5.4 billion, while commercial services was $3.2 billion.


Latest Insights: 

The Which Apps Do They Want Study analyzes survey data collected from 1,045 American consumers to learn how they use merchant apps to enhance in-store shopping experiences, and their interest in downloading more in the future. Our research covered consumers’ usage of in-app features like loyalty and rewards offerings and in-store navigation, helping to assess how merchants can design apps to distinguish themselves from competitors.


To Top