American Express Ordered to Fix Security After Employee Spied on Customer
Australian regulators found American Express had weak security that let employees access customer information they shouldn't see. The company must now fix these problems.
Source
DataBreaches.net
Original headline: AU: American Express ordered to fix security gaps after customer was spied on
Plain-English summary by GetCyberRight. Read the full report at the source above.
The Australian Privacy Commissioner ordered American Express to fix security weaknesses in five of its data systems after finding the company failed to protect against insider threats. An employee was able to spy on a customer's information because the company didn't have proper restrictions on which employees could access specific customer data.
This was especially concerning for vulnerable and high-profile customers who need extra privacy protection. This affects American Express cardholders, particularly those in Australia where this investigation took place.
If you have an American Express card, this means employees may have had access to your account information, transaction history, and personal details even when they had no legitimate business reason to view it. The privacy investigation revealed that the company's security systems were not strong enough to prevent curious or malicious employees from snooping on customer accounts.
If you're an American Express cardholder, here's what to do:
- Review your recent account statements carefully for any unauthorized transactions or suspicious activity.
- Check your account settings and ensure all contact information is current so you receive alerts about account changes.
- Consider setting up transaction alerts through the American Express app or website so you're notified of every purchase.
- If you notice anything unusual on your account, contact American Express immediately and ask for a detailed review of who accessed your account information.

For broader protection with any financial account, remember that insider threats are real. Employees at banks, credit card companies, and other financial institutions sometimes abuse their access to customer data. Choose companies that take privacy seriously, enable all available security features on your accounts, and monitor your statements regularly. If a company experiences a privacy violation or gets ordered to improve security, that's actually a good sign that regulators are watching and forcing improvements.