Citigroup admits breach, warns customers about phishing
Citigroup has finally made public the fact that it suffered a breach into its systems in May and that the names of some 200,000 customers, their account numbers and contact information has been compromised by the attackers, reports Reuters.
Luckily for those customers (and for Citi), the intruders have failed to access and exfiltrate data such as Social Security numbers, birth dates, card expiration dates and card security codes.
Even though the gathered data can’t be used to compromise the customers’ accounts directly, Citi is reaching out to the customers and warning them about the possibility of being targeted with spear phishing emails or offers to unknowingly download malicious payloads such as banking Trojans and other malware.
Citi didn’t reveal how the intrusion happened, but says that it “has implemented enhanced procedures to prevent a recurrence of this type of event.”