Citi Not Only Waited To Tell Its Credit Card Customers About Data Breach, But It Was Almost Twice As Big A Breach As They First Admitted

Thursday, June 16, 2011 04:11
edit
Citi Not Only Waited To Tell Its Credit Card Customers About Data Breach, But It Was Almost Twice As Big A Breach As They First Admitted

Tags: privacy; security

The Citigroup credit card data breach exposed the private financial data of more than 360,000 customers, about 80 percent more than it reported last week, according to a statement the bank released late Wednesday night.

This Website Is For Financial Professionals Only


As of May 24, the bank began preparing to replace about 218,000 credit cards and to prepare notification letters to its customers. Those were mailed beginning June 3, but itwaited to notify the public until June 9. 

 

While the data thieves captured names, account numbers, and email addresses of 360,000 customers, they reportedly did not get Social Security numbers, expiration dates, or security codes on their  cards.

 

It will be interesting to see if Federal rules requiring disclsoure of breaches of personally identifiable information are used to penalize Citi.

 

 

 

 

Comments (3)

...
vguettlein
Doesn't the Government own ShittyBank? They'll give themselves a nice little slap on the wrist. There will perhaps be a sacrificial lamb. Then... it will be business as usual.
vguettlein , June 16, 2011
...
agluck
vguetttlein, testing our sense of humor, is being very caustic. The Citi breach may not actually have triggered federal laws requiring disclosure. There is a clear definition of PII (personally identifiable information) that triggers required disclosure. Will let you know if it becomes clearer.
agluck , June 17, 2011
...
vguettlein
My humblest apologies. They own my mortgage. Based on that experience I wouldn't give them my other lines of business.
vguettlein , June 17, 2011

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy