Citigroup says customers' credit card data was hacked

Jos

Jos

Posts: 3,073   +97
Staff

Citigroup has acknowledged that a security breach last month gave hackers access to the account information of hundreds of thousands of its credit card customers.

The breach, which affected around 1% of Citi's U.S. customers, is the latest in a string of high profile attacks against big companies like Lockheed Martin, Epsilon, Google and Sony.

The issue was detected during routine monitoring in early May but it was only this week that the company began notifying customers. Citigroup did not release any information about the potential source of its breach, claiming they have been in contact with law enforcement but are not disclosing further details.

According to reports, the hackers were able to access general account information such as names, account numbers and email addresses, but the breach did not extend to Social Security numbers, dates of birth and credit card security codes. Neither Citigroup's debit card business nor its online banking operations were breached, apparently.

It's unclear if unauthorized charges have occurred so far, but naturally customers will not be liable for any misuse of their accounts. Affected customers are currently being notified and will receive replacement cards soon.

With hackers actively probing corporate networks for weaknesses, it seems customers are at the mercy of the entities that hold their information to have proper systems in place. The fact that the latest breach involves a bank is a big deal, but it is not the first time it's happened. According to the New York Times, there have been 288 publicly disclosed breaches at financial services companies exposing at least 83 million customer records over the last 6 years.

It isn't even the first time affecting Citigroup. In 2006, the group acknowledged that customer information had been breached through a third-party, and was forced to block PIN-based transactions for customers in Canada, Russia, and the United Kingdom. There were allegations of another breach in 2009 but Citi executives denied those claims.

Permalink to story.

https://www.techspot.com/news/44193-citigroup-says-customers-credit-card-data-was-hacked.html

 
Considering the 'predatory' practices of citibank I feel no sympathy for them. But unfortunately, it is their customers who are going to suffer from their stupidity with regard to security.
 
You would think that a bank would hash the crap out of any information that they possibly could. Just rehash the input data and compare. Instant prevention of hundreds if not thousands of accounts being compromised. I don't think you can bruteforce a 32 character password, so why would you be able to bruteforce a 32 character string of a name, address, and ssn.
 
You have no sympathy, Archean? I do... I know it's easy to think of a big company like it has it's own personality and accountability. And that's not inaccurate since that's what being incorporated means. But the people who work there are like you and me, and the customers are like you and me. I have sympathy for all the security staff who's probably working overtime right now to find and fix the holes, and all the staff who are scrambling to clean up this mess. I really doubt whatever marketing team that desgined those 'predatory' (do your quotes mean it's actually not?) practices is doing much.

I'm a citi customer and they've protected me from fraud a few times now, and they're customer support is great.

I just wish there were better ways to catch hackers.
 
Until semi-retirement, I worked in computer support.
The industry started with IBM and DEC VMS (and some others) as relatively secure OS's.
Then UNIX (designed by programmers, for programmers) came along and it took quite awhile to make that secure.
Then came WINTEL, and little by little security improved.
Now we have to deal with WWW and all the new mobile devices that by design are more susceptible to attacks.
The most secure device sits in a bank vault with no connection to the Internet.
 
Well Mil you need to read Financial Crisis Inquiry Commission of Riched M Bowen's proceedings with regard to Citi's lending practices, and its Consumer Lending Group's behavior/poor standards which brought the bank to its knees. In fact, in those days citi over-leveraged itself by something like 18.2 times when compared to its equity, which was beyond poor, to put it mildly. Kindly do remember that, when too much debt has been extended on too little capital, even a small decline in the value of bank's assets can significantly erode its capital and make it insolvent.

I don't want to indulge in boring financial debate here, but my point was not about the 'workers' of the bank, those poor folks hardly ever know what is being cooked by the top management, who in fact are the real thugs.

The most secure device sits in a bank vault with no connection to the Internet.
Click to expand...

With the condition that if the security is 'adequate' it may be true (oh and you forgot to add 'is the').
 
Milwaukeemike said:
I just wish there were better ways to catch hackers.
Click to expand...

Send them an e-mail telling them they won a date with Olivia Munn. Most of them would probably show up.
 
I wonder if it would be cheaper to just go back to using a filing cabinet system. This I understand, hackers are trying to get money. But I do not understand hackers who randomly destroy peoples computers. Its like walking up to a random persons house and throwing a brick through there window.
 
You must log in or register to reply here.

Similar threads

midian182
AT&T confirms data leak affecting 73 million customers - after spending two weeks denying it
Replies
5
Views
125
Karlos95
Karlos95
Shawn Knight
Xfinity data breach impacts over 35 million customers
Replies
6
Views
281
Neatfeatguy
N
A
Samsung UK customers affected by a year-long data breach
Replies
0
Views
239
Alfonso Maruccia
A

Latest posts

Back