American Express credit cards exposed in third-party data breach. American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked. 3/4/24: Article updated with further clarification from American Express that it was a merchant processor who was hacked, not one of their service providers. This incident was not caused by a data breach at American Express, but rather at a merchant processor in which American Express Card member data was processed. Third-party company: A Merchant Processor.