Citigroup hit by second data breach in four months

News

Citigroup hit by second data breach in four months

Warwick Ashford

Citigroup has confirmed the personal data of over 92,000 customers of Citi Cards Japan (CCJ) has been obtained illegally and sold to a third party in the second breach in the Citigroup fold in the past four months.

Information was allegedly obtained by a supplier and includes account number, name, address, phone numbers, date of birth, gender and date the account was opened. But Citigroup said security information, including personal identification numbers (PINs) and card security codes, was not included and the breach affects CCJ customers only.

Citigroup claimed the risk of fraud is minimal due to the absence of security information. However the bank added that it is monitoring all accounts for suspicious credit card transactions.

CCJ is informing all customers affected by letter and on its website, and has undertaken to re-issue credit cards if requested.

Citigroup has also promised to take "firm action" against parties involved in the information theft, but has given no details of how the customer information was stolen.

In June, the company was forced to re-issue cards to many of the 360,000 Citi Cards customers in the US affected by a breach of Citigroup’s online accounts system in May.

Citigroup Bank investigators found hackers had accessed customer details, including name, account number and contact information. As in the latest breach in Japan, the bank said the data critical to commit fraud, such as the card security code, was not compromised.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy