Citigroup says hackers access bank card data
Citigroup Inc said computer hackers breached the bank's network and accessed the data of about 200,000 bank card holders in North America, the latest of a string of cyber attacks on high-profile companies.
Citi said the names of customers, account numbers and contact information, including email addresses, were viewed in the breach. However, Citi said other information such as birth dates, social security numbers, card expiration dates and card security codes (CVV) were not compromised.
"We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event," Sean Kevelighan, a U.S.-based spokesman, said by email. "For the security of these customers, we are not disclosing further details."
In the brief email statement, Citi did not say how the breach had occurred.
Another Citi spokesman, James Griffiths in Hong Kong, said the breach had affected 1 percent of North American card customers, which the bank's annual report says total 21 million.
But like Japanese electronics and entertainment group Sony, which has declared several security breaches of its networks this year, Citi could come under fire for not telling customers sooner.
"It may be the bank's business, but it's the consumer's personal information so consumers deserve to be told about security breaches immediately," said Dan Simpson, a spokesman for Australia's Consumer Action Law Center, an advocacy group. "It's hard to see any reason why this sort of breach couldn't have been disclosed much sooner."
Citi said it had discovered the unauthorized access at Citi Account Online, an online banking service, through routine monitoring.
"It's definitely a serious security breach when that amount of data's been stolen from a bank," said Sydney-based Ty Miller, chief technology officer of Pure Hacking, a network security company.
Citigroup global enterprise payments head Paul Galant, who previously ran the bank's credit card unit, said in April that security breaches are a fact of life for financial institutions.
Source: Reuters
Date: 09.06.2011 [ID: 294]