The Inquirer-Home

Citigroup delayed disclosure of a financial hack attack

Thousands of customers are at risk
Thu Jun 09 2011, 10:21

ONE OF THE BIGGEST BANKS in the US, Citigroup suffered a network hack back in May that left the data of thousands of its customers at risk.

News of the hack was first discovered by the Financial Times, and the bank said that one per cent of its card customers were affected. Considering that the bank has around 21 million customers in North America that works out to around 200,000 customers.

The breach occurred at Citi Account Online, which carries information like names, account numbers and email addresses. However, social security numbers, birth dates, card expiration dates and CVV codes are kept elsewhere.

The type of data taken means that the hackers don't have enough information to start making charges on customers' account, but with account numbers and contact details they have enough data to conduct some very convincing spear phishing attacks.

This is why Citigroup's reluctance to disclose details of the breach, which happened back at the start of May, is rather disappointing. It could have kept customers much better informed about potential scams.

The first six months of this year have seen a wave of attacks on large corporations, with Sony suffering a series of hacks that must now number in two digit figures.

Citigroup's hack was probably done for financial purposes, but recently hackers have gone after military data as well, as RSA and Lockheed Martin can attest. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Coding challenges

Who’s responsible for software errors?