Citi: 360,000 accounts hacked
Source: Agencies |
June 17, 2011, Friday
|
Print Edition
Print Edition
Citigroup Inc said a cyber attack in May affected almost twice as many accounts as the bank's figures had initially suggested, as major US lenders come under growing pressure from lawmakers to improve account security.
A total of 360,083 North American Citigroup credit card accounts were affected by the breach, the third largest US bank by assets said in a statement released late on Wednesday.
Of those affected, some 217,657 customers were reissued with new cards along with a notification letter, while the remaining accounts were either inactive or had already received new cards earlier, the bank added.
Citigroup had earlier said that about 1 percent of its North American accounts were affected. The bank's annual report puts the total number of its customers at 21 million.
"It is mainly due to the actual number of accounts being more than what's in the 2010 annual report as well as variances such as some of the accounts being closed," United States-based Citi spokesman Sean Kevelighan said.
Customers had their names, account numbers and contact information accessed, but Citi said that "data critical to commit fraud was not compromised" and that other consumer banking online systems were not accessed.
Citigroup also said it identified "the majority" of accounts compromised within seven days, adding that the information was accessed on the accounts by May 24 but that it only started notifying customers of the breach in June.
"What Citi should have done upon finding out is to call for a press conference to announce the news, reassure customers that they take this in utmost seriousness, and to personally reach out to the affected customers," said Li-May Chew, associate research director at IDC Financial Insights.
The bank is the latest in a growing list of companies to face cyber attacks in recent months, with Sony, Google Inc and Lockheed Martin all having suffered under hackers this year.
In response to the latest bout of attacks, many banks have stepped up their security effort, with two Australia-based banks - ANZ and Westpac - replacing their customers' "SecurID" electronic keys earlier this month.
"Cyber hackers are no longer interested in just stealing money directly," said Edison Yu, industry manager at consultancy Frost and Sullivan.
"They are more interested in stealing peripheral information such as contact details and ID numbers that can be sold on the black market later," Yu said, adding that the global black market for e-mail addresses and national ID numbers is now worth about US$5 billion.
Regulators in many countries have also been preparing new measures on data security.
A total of 360,083 North American Citigroup credit card accounts were affected by the breach, the third largest US bank by assets said in a statement released late on Wednesday.
Of those affected, some 217,657 customers were reissued with new cards along with a notification letter, while the remaining accounts were either inactive or had already received new cards earlier, the bank added.
Citigroup had earlier said that about 1 percent of its North American accounts were affected. The bank's annual report puts the total number of its customers at 21 million.
"It is mainly due to the actual number of accounts being more than what's in the 2010 annual report as well as variances such as some of the accounts being closed," United States-based Citi spokesman Sean Kevelighan said.
Customers had their names, account numbers and contact information accessed, but Citi said that "data critical to commit fraud was not compromised" and that other consumer banking online systems were not accessed.
Citigroup also said it identified "the majority" of accounts compromised within seven days, adding that the information was accessed on the accounts by May 24 but that it only started notifying customers of the breach in June.
"What Citi should have done upon finding out is to call for a press conference to announce the news, reassure customers that they take this in utmost seriousness, and to personally reach out to the affected customers," said Li-May Chew, associate research director at IDC Financial Insights.
The bank is the latest in a growing list of companies to face cyber attacks in recent months, with Sony, Google Inc and Lockheed Martin all having suffered under hackers this year.
In response to the latest bout of attacks, many banks have stepped up their security effort, with two Australia-based banks - ANZ and Westpac - replacing their customers' "SecurID" electronic keys earlier this month.
"Cyber hackers are no longer interested in just stealing money directly," said Edison Yu, industry manager at consultancy Frost and Sullivan.
"They are more interested in stealing peripheral information such as contact details and ID numbers that can be sold on the black market later," Yu said, adding that the global black market for e-mail addresses and national ID numbers is now worth about US$5 billion.
Regulators in many countries have also been preparing new measures on data security.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
