The California Office of the Attorney General reported on November 20, 2012, that American Express Travel Related Services Company, Inc and/or its Affiliates experienced a data breach on August 3, 2012, involving unauthorized access to a merchant's website. The affected data files may have included American Express Card account numbers, names, and expiration dates, but Social Security numbers were not impacted.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-37017
TPRM report: https://www.rankiteo.com/company/american-express
"id": "ame355080425",
"linkid": "american-express",
"type": "Breach",
"date": "8/2012",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Financial Services',
'name': 'American Express Travel Related Services '
'Company, Inc and/or its Affiliates',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'type_of_data_compromised': ['American Express Card account '
'numbers',
'names',
'expiration dates']},
'date_detected': '2012-08-03',
'date_publicly_disclosed': '2012-11-20',
'description': "Unauthorized access to a merchant's website resulting in a "
'data breach involving American Express Card account numbers, '
'names, and expiration dates.',
'impact': {'data_compromised': ['American Express Card account numbers',
'names',
'expiration dates']},
'references': [{'date_accessed': '2012-11-20',
'source': 'California Office of the Attorney General'}],
'title': 'American Express Data Breach',
'type': 'Data Breach'}