A confidential privacy watchdog investigation has found systemic failures with American Express’s technology security controls, exposing more than one million Australian cardholders to risks of privacy breaches, fraud, identity theft and physical harm.

The Office of the Australian Information Commissioner (OAIC) has been investigating American Express since March 2023 after a customer reported a man he briefly dated for using the company’s systems to unlawfully spy on his personal financial information.

The OAIC has investigated American Express. Credit: Edwina Pickles

American Express has long claimed the breach was limited to a “sole actor” and handled appropriately, but an interim report written by Privacy Commissioner Carly Kind has found systemic failures that affect most cus

See Full Page