10,000 Mexican American Express customer accounts were leaked by a hacker who threatens to spread more.

January 6, 2021

Coming out of a very intense year with a wide variety of attacks and cybercrimes against companies’ networks of different sizes does not mean that 2021 will be any different. The global pandemic has everyone vulnerable, and even though 2020 ended, the constant fight against cybercrime continues. New year, new beginning? Not if we are talking about data breaches, those will continue...

2021 began with the news that a hacker leaked data from 10,000 American Express accounts for free on a hacker forum. Although it is still too soon to know the impact, the corporation issued a statement saying American Express has sophisticated monitoring systems and internal safeguards in place to help detect fraudulent and suspicious activities. "If we see that there is unusual activity that could be fraud, we will take protective measures," the bank added. Until this moment, AE has neither denied nor confirmed the leak but shared that no cardholder is liable for fraudulent charges.

According to the Bank Security portal, the fraudster provided data such as names, addresses, phone numbers, credit card numbers, gender, etc. of the American Express customers cards at no charge. It is stated that the actor claimed to expose even more data of Mexican banking customers belonging to American Express, Santander, Banamex, and other Mexican financial institutions.

Experts on cybersecurity expressed that the criminal exposed this data for spam marketing purposes. In the hacking forum, after offering the data for free, he wrote the following: “I do not sell private data such as password, card information, identification number. With the data that I sell or share, you are only exposed to spam or marketing”. At this time, customers, and the general public are informed to take care of their accounts and take measures to prevent intrusions that put the integrity of their data at risk. At the same time, American Express customers are advised to constantly monitor their email, text messages, and phone calls as they could be the next target of a fraudulent campaign.

So far and with what has been found in different media, it is expected that specialists will study the case in detail and provide more information about what could have happened and its consequences.

Representatives from Santander and Banamex are expected to comment on the matter in the upcoming days.


  • Gutiérrez, J. (2021, January 04). Difunde 'hacker' en internet datos de clientes de American Express. Retrieved from: https://www.jornada.com.mx/notas/2021/01/04/economia/comparten-en-internet-datos-de-clientes-de-american-express/
  • Sasso, F. (2021, January 05). Hacker publica miles de cuentas de American Express México. Retrieved from: https://es-us.finanzas.yahoo.com/noticias/hacker-publica-miles-cuentas-american-160101778.html
  • Sharma, A. (2021, January 5, 2021). Hacker posts data of 10,000 American Express accounts for free. Retrieved from  https://www.bleepingcomputer.com/news/security/hacker-posts-data-of-10-000-american-express-accounts-for-free/

Authored by
Jorge Daniel Tejeda