200,000 Citi Accounts Hacked

June 9, 2011 7:50 AM from

Just saw this, folks and thought if any of you have an account with CitiBank, you might want to find out if your account data has been compromised.

“Citigroup Inc. said computer hackers breached the bank's network and accessed the data of about 200,000 bank card holders in North America, the latest of a string of cyber attacks on high-profile companies.

Citi said the names of customers, account numbers and contact information, including email addresses, were viewed in the breach, which the Financial Times (newspaper operates behind a paywall) said was discovered by the bank in early May.

However, Citi said other information such as birth dates, social security numbers, card expiration dates and card security codes (CVV) were not compromised.

"We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event," Sean Kevelighan, a U.S.-based spokesman, said by email.

"For the security of these customers, we are not disclosing further details."

Citigroup global enterprise payments head Paul Galant, who previously ran the bank's credit card unit, said in April that security breaches are a fact of life for financial institutions.

"Security breaches happen, they're going to continue to happen ... the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments," he told Reuters in an interview.” – MSNBC

This is rich. “Keep the customers feeling secure about their financial transactions and payments” indeed. The fact is, that’s just whitewash:

"It may be the bank's business, but it's the consumer's personal information so consumers deserve to be told about security breaches immediately," said Dan Simpson, a spokesman for Australia's Consumer Action Law Centre, an advocacy group.

"It's hard to see any reason why this sort of breach couldn't have been disclosed much sooner."

The reason is bad PR for the bank, mate. They’re more concerned for their stock options than the customer. Sound familiar?

Seems to me if there were a law making the Institution liable to reimburse every customer loss related to such a data theft without right of appeal, I think we’d see action really quickly. Don’t you?

Source: http://www.msnbc.msn.com/id/43335996/ns/business-personal_finance/

28,010 views 16 replies

Reply #1 June 9, 2011 8:07 AM from

Elemental Forums Top

Ahhh you clever lemmings, twittering and tweeting and digitizing Actuality! Who could trust a bankster anyway?

Reply #2 June 9, 2011 9:06 AM from

Elemental Forums Top

Banks are notoriously lenient with security. Here in Europe, cards still use BOTH magnetic strips AND chips. Magnetic strips allow simple replay attacks (you read number from the strip, password from the keyboard at ATM and voila - you are in). My own account was compromised like this once by a sniffer on an ATM machine. The bank covered it up - apparently, it's cheaper for them.

If cards used solely chips, replay attacks are no longer possible since chips use challenge and response scheme.

Btw do you know, what happened when this paper was published, revealing inherent flaws in used Pay and Chip autentication scheme?

http://www.cl.cam.ac.uk/~sjm217/papers/fc09optimised.pdf

The banks tried to coerce the rector of the Cambridge University to withdraw the paper and forbid its publishing. But the rector kicked them out of the door - to no small delight of mine. Damn corporate crooks, banks need strict regulations, bastards!

Start11 - Customize the Start Menu and Taskbar in Windows 10/11.

Reply #3 June 9, 2011 9:13 AM from

WinCustomize Forums Top

Another one for starkers. Oh how he hates them banksters. Hey....I like that...Banksters.

Reply #4 June 9, 2011 1:23 PM from

WinCustomize Forums Top

I guess people should just keep all their money at home to be safe now. No place is safe.

Reply #5 June 9, 2011 1:41 PM from

WinCustomize Forums Top

Maybe someone's just trying to pay off my student loans for me.

Reply #6 June 9, 2011 1:41 PM from

GalCiv2 Forums Top

Relax folks.

There is a 25% chance the Citi hackers were FBI informers who were probably recruiting noob cadets for their ever-growing cyberpatrol "by criminals, against criminals" organization. That or they were sniffing out some high earning tax cheaters.

Either way, for the loyal patriot (*insert chuckle here*), this latest 'hack' is for a good cause.

http://www.guardian.co.uk/technology/2011/jun/06/us-hackers-fbi-informer

And for the comment regarding the "home"... you effectively LEASE the land you reside on, never fully owning it. If you did truly own your piece of land, the government would be paying YOU a tax.

-.-

Reply #7 June 9, 2011 2:06 PM from

WinCustomize Forums Top

This post was meant to warn WC members/visitors that their info might have been compromised. I wouldn't "relax" about that since it might cost them.

Reply #8 June 9, 2011 2:47 PM from

JoeUser Forums Top

The reason is bad PR for the bank, mate. They’re more concerned for their stock options than the customer. Sound familiar?

End of quote

The Microsoft Syndrome - it does not exist until we have a solution to it.

As for the actual breech, I know they will eventually hit one of my banks, but I am so glad I have my cards with mostly minor players!

Reply #9 June 9, 2011 2:48 PM from

GalCiv2 Forums Top

Pardon.

Go-go- magick -banker!

Boo-boo-you-hacker-who-would-be-jailed-unless-Uncle-Sam-needs-you!

People would take out insurance policies to "protect" their info if it truly was that important to them. Proactive, not reactive.

"Relax, you're in good hands"....a smashing insurance commercial bit if I would say so myself.

-.-

Reply #10 June 9, 2011 5:18 PM from

WinCustomize Forums Top

A Thought:

At this point a person would probably want to be even more skeptical of emails from "Citibank" as likely phishing efforts. I do hope a bank never bothers to try to contact me by email, it's going to be deleted without being read.

Reply #11 June 9, 2011 5:21 PM from

WinCustomize Forums Top

Very good thought, Dave.

Reply #12 June 10, 2011 9:43 AM from

JoeUser Forums Top

Quoting DrJBHL, reply 11

Very good thought, Dave.

End of DrJBHL's quote

Agreed!

But it is not as though there were none before since I have been getting them for quite some time (and as indicated, I have no account with them).

Reply #13 June 10, 2011 10:23 AM from

Elemental Forums Top

Hackers seem to be sending out the feelers of late. Ever see 'The Net'? I wonder whose security 'stops' them.

Reply #14 June 10, 2011 5:03 PM from

WinCustomize Forums Top

Quoting Dr, reply 12

But it is not as though there were none before since I have been getting them for quite some time (and as indicated, I have no account with them).

End of Dr's quote

Ya I know. Mainly just a reminder. You just know somebody's going to get an email from "Citibank" and wonder "Gee, I wonder if they're trying to tell me my account's been hacked".

Reply #15 June 10, 2011 6:05 PM from

WinCustomize Forums Top

If these hackers steal my info they really are dumb asses...all they'll get is debt and will have to pay some off before they can steal anything else.

Reply #16 June 10, 2011 7:29 PM from

WinCustomize Forums Top

I used to think not having a bank account was a bad thing. Not anymore.

Welcome Guest! Please take the time to register with us.

Richer content, access to many features that are disabled for guests like commenting and posting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!