Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security IT

Citi Bank Reveals Attack... One Month Late 111

Posted by CmdrTaco from the yeah-sorry-about-that dept.
An anonymous reader writes "Is account security a thing of the past? Quote: 'We're talking a fairly serious hack, too. The personal and account information of some 200,000 Citibank card holders in North America was breached, reports Reuters, including contact specifics like names and email addresses. The solitary bit of good news? Citibank claims far more sensitive info like social security numbers, birth dates, card expiry dates and CVV card security codes was not compromised.'"
This discussion has been archived. No new comments can be posted.

Citi Bank Reveals Attack... One Month Late More

Citi Bank Reveals Attack... One Month Late

Comments Filter:

  • How do they know?? (Score:5, Interesting)

    by jmd_akbar ( 1777312 ) on Thursday June 09, 2011 @10:46AM (#36388034)
    that

    social security numbers, birth dates, card expiry dates and CVV card security codes was not compromised.'"

  • Were they PCI compliant? (Score:5, Interesting)

    by hawguy ( 1600213 ) on Thursday June 09, 2011 @11:08AM (#36388306)

    Did the systems that had the data stolen meet PCI compliance guidelines? If not, can I levy non-compliance fines on the bank for not following their own standards for protection of cardholder data?

  • The way Google could do it (Score:5, Interesting)

    by RobertLTux ( 260313 ) <robert AT laurencemartin DOT org> on Thursday June 09, 2011 @11:20AM (#36388462)

    find a good sized but stressed bank and then just go ahead and BUY IT.

    advantages for Google
    1 no need to burn time/money on building the "stuff" needed for a bank
    2 instant access to millions of new customers (have as part of the deal that the bank hosts email on google servers)
    3 this would be a real established bank

    advantages for the Bank
    1 tens of millions new customers (they would logically be the default bank for GWallet)
    2 point and click dibs on the GProfiles of everybody with a Google Account
    3 "native" access to the google server farm network

  • Personal Experience (Score:5, Interesting)

    by Lucidus ( 681639 ) on Thursday June 09, 2011 @11:47AM (#36388960)

    My sister was affected by this a few weeks ago, and I wondered that there was nothing on the news about it at the time.

    She got a call saying that her account might have been compromised, and that a new card was on the way. Early on the day after she received the replacement card, and before she had even activated it, there was another call telling her that the new account number had already been used to make several purchases.

    Clearly this was a serious breach that continued over at least several days, and was not the fault of a merchant, as they tried to claim.

  • subject (Score:4, Interesting)

    by Legion303 ( 97901 ) on Thursday June 09, 2011 @11:48AM (#36388980) Homepage

    "Is account security a thing of the past?"

    Well, back in the early 90s, Citibank sent a bunch of 3.5" floppies to our school for students to use. Those floppies all had account information and spreadsheets on them. My job was to format them for use by the kids. Since I didn't relish the thought of formatting 50 of these fuckers on one computer, I just brought in a box of blank disks of my own the next day and kept the ShitiBank ones, formatting them for my own use as needed. Shiti is extremely lucky I had no plans to use the information for personal gain, but really, they had absolutely zero way to verify where those disks ended up.

    So to answer your question, I don't think account security has ever realistically been on Citibank's mind.

Slashdot Top Deals

If you want to put yourself on the map, publish your own map.

Close