TechSpot

Citigroup says customers' credit card data was hacked

By Jos
Jun 10, 2011
Post New Reply
  1. Citigroup has acknowledged that a security breach last month gave hackers access to the account information of hundreds of thousands of its credit card customers.

    Read the whole story
     
  2. example1013

    example1013 TS Enthusiast Posts: 280

    Wow, looks like someone managed to have security worse than PSN (well, other than Sony Pictures).
     
  3. Archean

    Archean TechSpot Paladin Posts: 6,056   +76

    Considering the 'predatory' practices of citibank I feel no sympathy for them. But unfortunately, it is their customers who are going to suffer from their stupidity with regard to security.
     
  4. Win7Dev

    Win7Dev TS Booster Posts: 363   +40

    You would think that a bank would hash the crap out of any information that they possibly could. Just rehash the input data and compare. Instant prevention of hundreds if not thousands of accounts being compromised. I don't think you can bruteforce a 32 character password, so why would you be able to bruteforce a 32 character string of a name, address, and ssn.
     
  5. MilwaukeeMike

    MilwaukeeMike TS Evangelist Posts: 2,116   +722

    You have no sympathy, Archean? I do... I know it's easy to think of a big company like it has it's own personality and accountability. And that's not inaccurate since that's what being incorporated means. But the people who work there are like you and me, and the customers are like you and me. I have sympathy for all the security staff who's probably working overtime right now to find and fix the holes, and all the staff who are scrambling to clean up this mess. I really doubt whatever marketing team that desgined those 'predatory' (do your quotes mean it's actually not?) practices is doing much.

    I'm a citi customer and they've protected me from fraud a few times now, and they're customer support is great.

    I just wish there were better ways to catch hackers.
     
  6. Until semi-retirement, I worked in computer support.
    The industry started with IBM and DEC VMS (and some others) as relatively secure OS's.
    Then UNIX (designed by programmers, for programmers) came along and it took quite awhile to make that secure.
    Then came WINTEL, and little by little security improved.
    Now we have to deal with WWW and all the new mobile devices that by design are more susceptible to attacks.
    The most secure device sits in a bank vault with no connection to the Internet.
     
  7. Archean

    Archean TechSpot Paladin Posts: 6,056   +76

    Well Mil you need to read Financial Crisis Inquiry Commission of Riched M Bowen's proceedings with regard to Citi's lending practices, and its Consumer Lending Group's behavior/poor standards which brought the bank to its knees. In fact, in those days citi over-leveraged itself by something like 18.2 times when compared to its equity, which was beyond poor, to put it mildly. Kindly do remember that, when too much debt has been extended on too little capital, even a small decline in the value of bank's assets can significantly erode its capital and make it insolvent.

    I don't want to indulge in boring financial debate here, but my point was not about the 'workers' of the bank, those poor folks hardly ever know what is being cooked by the top management, who in fact are the real thugs.

    With the condition that if the security is 'adequate' it may be true (oh and you forgot to add 'is the').
     
  8. gwailo247

    gwailo247 TechSpot Chancellor Posts: 2,105   +18

    Send them an e-mail telling them they won a date with Olivia Munn. Most of them would probably show up.
     
  9. treetops

    treetops TS Evangelist Posts: 1,684   +60

    I wonder if it would be cheaper to just go back to using a filing cabinet system. This I understand, hackers are trying to get money. But I do not understand hackers who randomly destroy peoples computers. Its like walking up to a random persons house and throwing a brick through there window.
     
  10. captaincranky

    captaincranky TechSpot Addict Posts: 10,804   +916

    Citibank is actually the only bank I've ever received an actual phishing email attempting to use their name.
     
  11. Leeky

    Leeky TS Evangelist Posts: 4,378   +98

    I get them all the time from Natwest, Lloyds TSB and Barclay's Bank Captain. :)
     
     
  12. hahaha

    That is funny
     


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.