Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
American Express Global Business Travel

American Express Global Business Travel Vendor Cyber Rating & Cyber Score

amexgbt.com

Business travel doesn’t just move people from A to B, it helps ideas and innovation move forward, too. And with the most valuable marketplace, software, and services in travel, there is nowhere they can’t go with American Express Global Business Travel. With us, your Great Ideas Travel. GBT Travel Services UK Limited (GBT UK) and its authorized sublicensees (including Ovation Travel Group, Egencia and CWT) use certain trademarks and service marks of American Express Company or its subsidiaries (American Express) in the “American Express Global Business Travel” and “American Express GBT Meetings & Events” brands and in connection with its business for permitted uses only under a limited license from American Express (Licensed Marks). The


AEGBT A.I CyberSecurity Scoring

AEGBT
Company Information
Website:https://go.amexgbt.com/home
Employees number:31,764
Number of followers:360,047
NAICS:5615
Industry Type:Travel Arrangements
Homepage:amexgbt.com
AEGBT Risk Score (AI oriented)
Between 700 and 749
logo
AEGBTTravel Arrangements
Updated:
01/04/2026
733/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
AEGBT Global Score (TPRM)
xxxx
logo
AEGBTTravel Arrangements
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

AEGBT
AEGBTModerate
Current Score
733Ba (MODERATE)
01000
5 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
743Before Incident
JUNE 2026
742Before Incident
MAY 2026
742Before Incident
APRIL 2026
734Before Incident
MARCH 2026
734Before Incident
FEBRUARY 2026
735Before Incident
JANUARY 2026
735Before Incident
DECEMBER 2025
736Before Incident
NOVEMBER 2025
734Before Incident
OCTOBER 2025
733Before Incident
SEPTEMBER 2025
732Before Incident
AUGUST 2025
732Before Incident
JULY 2018
635Before Incident
Breach
05 Jul 2018AEGBT
American Express Travel Related Services Company, Inc.

American Express Travel Related Services Company, Inc. Data Breach

577After Incident
CRITICAL-58
AME331072925
The California Office of the Attorney General reported a data breach involving American Express Travel Related Services Company, Inc. on August 2, 2018. The breach occurred on July 5, 2018, due to unauthorized access to personal information on the Orbitz travel booking platform, potentially affecting customer names, payment card information, email addresses, and physical addresses. An estimated number of individuals affected has not been specified.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
customer namespayment card informationemail addressesphysical addressesOrbitz travel booking platform
DATA BREACH
customer namespayment card informationemail addressesphysical addressescustomer namesemail addressesphysical addresses
OCTOBER 2017
668Before Incident
Breach
01 Oct 2017AEGBT
American Express Travel Related Services Company, Inc.

American Express Data Breach via Orbitz

610After Incident
CRITICAL-58
AME027091825
The California Office of the Attorney General disclosed a data breach affecting American Express Travel Related Services Company, Inc., linked to a third-party platform, Orbitz. The incident involved unauthorized access to sensitive customer data, with the breach occurring on October 1, 2017, but reported on March 22, 2018. Compromised information included full names, payment card details, dates of birth, phone numbers, email addresses, physical addresses, and gender. The breach exposed customers to risks such as identity theft, financial fraud, and phishing attacks, given the breadth of personal and financial data accessed. While the exact number of affected individuals was not specified in the report, the nature of the exposed data—particularly payment card information—suggests significant potential for misuse. The delay in detection (over five months) further exacerbated vulnerabilities, allowing attackers prolonged access. The incident underscored weaknesses in third-party vendor security, as the breach originated from Orbitz’s systems, indirectly impacting American Express customers who had used its travel services.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Full namePayment card informationDate of birthPhone numberEmail addressPhysical addressGenderIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Personal Identifiable Information (PII)Payment Card InformationSensitivity Of Data: HighData Exfiltration: YesFull nameDate of birthPhone numberEmail addressPhysical addressGender
MARCH 2016
682Before Incident
Breach
01 Mar 2016AEGBT
American Express Travel Related Services Company, Inc.

American Express Third-Party Merchant Data Breach (2016)

624After Incident
HIGH-58
AME1000091725
The California Office of the Attorney General disclosed a data breach affecting American Express Travel Related Services Company, Inc. in March 2016. The incident involved unauthorized exposure of Card Members' account information at a third-party merchant. Compromised data may have included card numbers, names, and expiration dates, though the exact number of impacted individuals and the breach method were not publicly revealed. While no evidence suggested misuse of the exposed data, the breach posed risks such as potential financial fraud or identity theft for affected customers. The exposure of payment card details—even without additional personal identifiers—heightens vulnerabilities in financial transactions, potentially damaging customer trust and the company’s reputation. American Express likely initiated investigations and mitigation measures, such as card reissuance or monitoring services, to limit further harm. However, the lack of transparency regarding the breach’s scope and origin left uncertainties about the full extent of the incident’s impact.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
card numbernameexpiration dateIdentity Theft Risk: Potential (due to exposed card details)Payment Information Risk: High (card numbers and expiration dates exposed)
DATA BREACH
payment card datapersonal identification dataSensitivity Of Data: HighData Exfiltration: Likely (not explicitly confirmed)name
MAY 2015
724Before Incident
Breach
27 May 2015AEGBT
American Express Company

American Express Travel Related Services Company Data Breach

665After Incident
CRITICAL-59
AME817072825
The California Office of the Attorney General reported a data breach involving American Express Travel Related Services Company, Inc. on May 27, 2015. The unauthorized access potentially compromised customer Card account numbers and names, but Social Security numbers were not impacted. The specific date of the breach is not available.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Card account numbersNames
DATA BREACH
Card account numbersNames
MARCH 2014
772Before Incident
Breach
25 Mar 2014AEGBT
American Express Company

American Express Data Breach (2014)

710After Incident
CRITICAL-62
AME1004091725
The California Office of the Attorney General disclosed a data breach affecting American Express Travel Related Services Company, Inc. and/or its affiliates. The incident involved the potential compromise of customer payment card details, including American Express Card account numbers, cardholder names, and expiration dates. While the breach exposed sensitive financial data, no Social Security numbers or other highly sensitive personal information were reported as impacted. The exact date of the breach remains undisclosed, but it was officially reported on March 25, 2014. The exposed data poses risks such as fraudulent transactions, unauthorized card usage, or phishing attempts targeting affected customers. Although the breach did not involve broader identity theft (e.g., SSNs), the leakage of payment card details alone can lead to financial losses for customers and reputational damage for American Express. The company likely faced regulatory scrutiny and was required to notify affected individuals, implement remediation measures, and enhance security protocols to prevent future incidents. The breach underscores vulnerabilities in payment card data protection, particularly within travel-related financial services.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Card account numbersNamesExpiration datesIdentity Theft Risk: Low (no SSNs compromised)Payment Information Risk: High (card details exposed)
DATA BREACH
Payment card data (account numbers, names, expiration dates)Sensitivity Of Data: High (payment card details)Personally Identifiable Information: Partial (names only; no SSNs)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for AEGBT ?
?
What was AEGBT's A.I Rankiteo Cyber Score in June 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in May 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in April 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in March 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in February 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in January 2026 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in December 2025 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in November 2025 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in October 2025 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in September 2025 ?
?
What was AEGBT's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on AEGBT's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with AEGBT ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view AEGBT's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?