The banking company Citigroup has admitted to a breach of their online systems, which allowed a hacker to view the names, email addresses and account numbers of 200,000 customers. However, the information did not include birth dates, PIN codes or similar sensitive information meaning it may not be possible for their accounts to be accessed and funds stolen.
Citigroup have now spoken to U.S. police to inform them of the breach, as well as increasing fraud procedures for their online banking. Affected customers are currently being contacted but the bank will not reveal if any suspicious transactions have been encountered since the incident.
Citibank have released the following statement:
“During routine monitoring, we recently discovered unauthorized access to Citi’s Account Online. A limited number – roughly one percent – of Citi bankcard customers’ account information (such as name, account number and contact information including email address) was viewed. The customer’s social security number, date of birth, card expiration date and card security code (CVV) were not compromised. We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event. For the security of these customers, we are not disclosing further details.”
As usual with incidents like this, the potential for phishing attacks on customers using 200,000 records is extremely severe. Anyone with an account at Citigroup should ensure all communication from them is official and not an attempt to accumulate your data in order to steal from your account.