On March 28, American Express' website went offline for at least two hours during a distributed denial of service attack. A group calling itself "the cyber-fighters of Izz ad-Din al-Qassam" claimed responsibility for the attack, which began at about 3:00pm Eastern Time.
In a statement, an American Express spokesperson said, "Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon...We experienced intermittent slowing on our website that would have disrupted customers' ability to access their account information. We had a plan in place to defend against a potential attack and have taken steps to minimize ongoing customer impact."
The American Express DDoS is part of a new wave of attacks started two weeks ago by the Izz ad-Din al-Qassam group, which launched a larger campaign targeting US financial institutions that began last September. The group's alleged goal is to force the take-down of an offensive YouTube video—or extract an ongoing price from American banks as long as the video stays up, which could be indefinitely.