Identity Theft

Citibank: Hack Attack Twice as Big as We Thought

Comments 0 Comments

More than 360,000 Citibank customers had their private information hacked last month, nearly double the company’s original estimate, according to a press release issued by the bank on Wednesday.

The hackers accessed customers’ names, account numbers and email addresses. They did not get to see other information especially useful for committing fraud, including Social Security numbers, dates of birth, card security codes and expiration dates, according to the bank.

The attack affected Citi’s Account Online system, but not the company’s main transaction processing network. The company assured consumers that they won’t have to pay for any fraudulent purchases resulting from the data breach.

“Our customers are not liable for any unauthorized use of their accounts,” Citi said in a press release.

The bank has been criticized by some, including Sen. Robert Menendez (D-N.J.), for taking three weeks to notify customers about the breach. In its statement, Citi said it responded as soon as the breach was detected, but that it required the analysis of “millions of pieces of data” before company researchers could figure out how much information the hackers accessed.

The attack was discovered on May 10. Citi told reporters about it on June 8, and the first notification letters were mailed to consumers on June 3. Most customers whose information was compromised received replacement credit cards.

[Tool: Quickly assess your risk of identity theft for free]

Image: Liam Dunn, via Flickr

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

Find out where you stand.
Get your FREE personalized credit report card.

Sign Up Now

Stay Connected to Our Experts

Please submit your email address to get credit & money tips & advice
from our team of 50+ experts, delivered weekly to your inbox.