The credit card company discovered the breach March 25 when authorities notified the company that large files containing customer information had been posted online, seemingly by members of the group Anonymous. It's uncertain when the attack occurred. The California attorney general's office posted a description of what happened and what the firm is writing to customers.
The company said it is notifying affected consumers and has placed additional fraud monitoring on their accounts. Customers are not liable for fraudulent charges, American Express stressed. Data may include account number, the card expiration date, the date the card became effective and the four-digit code printed on the front of the card, according to a company statement.
Affected customers should also check their credit reports and credit scores for sudden drops, which can be an indication of fraud. Even if you're not concerned about a data breach, monitoring account transactions, credit reports and credit scores should be a regular part of managing your finances. Credit.com has free, easy-to-use tools that allow you to check your credit scores.