Hackers of the Tunisian Cyber Army have found an SQL Injection vulnerability on the official website of American Express. They claim to have gained access to more than 2 GB of data.
Cyber War News has been provided with the details of the vulnerability and has found that the hackers’ claims are accurate.
It’s uncertain if American Express is aware of the hackers’ findings and if it plans on doing anything about it. However, as CWN highlights, this is not the first time such issues have been identified on its websites.
So far, no data has been leaked by the hackers, but they have written on Twitter that the “biggest data leak” is coming “soon.”
In January, the Tunisian Cyber Army managed to breach and deface a website of France’s Chamber of Commerce and Industry.