Citibank confirms hacking attack

Citi logo The bank is under fire for not telling customers about the May breach

Related Stories

Hackers have stolen data from thousands of Citibank customers in the US, the bank has confirmed.

The breach exposed the names of customers, account numbers and contact information.

But other key data, such as date of birth and card security codes were not compromised, the bank said in a statement.

Citigroup is the latest in a string of high profile companies to be targeted by cyber criminals.

It has been criticised for not telling customers about the breach when it happened in May.

"We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event," a Citi spokesman said in a statement to the Reuters news agency.

High alert

Around 1% of the bank's 21m account holders were affected - around 210,000 individuals.

The statement did not detail how the breach had occurred.

Security experts said the thieves may try to get hold of more information from those targeted.

"While Citi customers aren't likely to have fraudulent charges against their accounts as a result of this breach, they are likely to encounter social engineering attempts to enable further crime," blogged Chester Wisniewski, a consultant for security firm Sophos.

"Customers affected by this incident should be on high alert for scams, phishing and phone calls purporting to be from Citibank and their subsidiaries," he added.

Citigroup in the latest firm to be hacked in recent weeks. Japanese electronics group Sony is still recovering from the theft of millions of pieces of data from its network.

While security firm RSA has offered to replace the 40 million secure tokens used by people to log into banks after it emerged that key data that operates them had been stolen in March.

More on This Story

Related Stories

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.