$2.7 million stolen in Citigroup hack attack

A recent cyber attack on the Citigroup financial services company resulted in the loss of $2.7 million from the credit cards of about 3,400 of the company's customers. The Wall Street Journal reports that the number of credit cards that had money stolen due to the cyber attack was still less than one percent of the 360,069 credit cards that were affected by the attack. Citigroup has a total of 23.5 million credit card accounts in the US.

The hack, which happened back in May but was only first reported by Citigroup in early June, did not expose customer data like Social Security numbers, birthdays, credit card expiration dates and credit card security codes, according to Citigroup. The attack did, however, expose other types of customer data like account numbers, names and email addresses, data which could be used to obtain services and products illegally by hackers. The story states that all of the 3,400 customers directly affected by the attack will have their financial losses compensated by the company. The amount of money lost due to the attack is about $794 per customer. Citigroup also said it has replaced 217,657 credit cards for customers affected by the attack. There is still no word as to how the online security breach occurred.

Even with the $2.7 million lost as a result of the Citigroup cyber attack, the story points out that price tag pales in comparison to the $48 billion in annual total losses due to identify theft crimes.

Report a problem with article
Previous Story

Report: iPhone 5 to start production in mid to late August

Next Story

Rumor: Pre-paid iPhone in the works?

17 Comments

Commenting is disabled on this article.

All these "hack" groups would change their tune if it was their own personal items that were stolen. They are nothing but hypocrites, and all their "security" crap is just a coverup for their illegal crimes.

And you can bet "Lulzsec didn't disband... they want you to think that. That Anon group even said "Remember too, @Lulzsec was born from #Anonymous and now has returned. The names have changed but the threat persists." (which means they just rejoined the Anon group to continue their crime spree).

http://technolog.msnbc.msn.com...es-tunisian-government-site

Today the average web application is a really depressing picture to look at, just skimming through code makes you seriously consider stabbing yourself in the eyes. People think they're secure while they're not, management think they're safe while they're not, developers will do whatever is needed to meet deadlines. Most people live in the illusion that big corporations can be trusted because they have the money to throw at their problems, haha ... ask people in the industry and they'll tell you that the Internet is a JOKE. The BS is just overwhelming. Meh ... I'm just gonna stop, this is depressing.

Apparently the hackers gained access to the bank's customer website part of Citi, and then used a bruteforce attack to obtain account numbers that gave them complete access and power over private data and funds.

Here is my question; the funds are digital and have to transfer to another bank before they can be drawn, correct? Why not contact the bank or banks that the stolen funds were transferred to?

MindTrickz said,
Apparently the hackers gained access to the bank's customer website part of Citi, and then used a bruteforce attack to obtain account numbers that gave them complete access and power over private data and funds.

Here is my question; the funds are digital and have to transfer to another bank before they can be drawn, correct? Why not contact the bank or banks that the stolen funds were transferred to?

Cause that would make too much sense.

Steven Hutchison said,

Cause that would make too much sense.

Because that ignores privacy laws in most countries. Most companies/countries also do not care where the money came from, only that it is now in their account. It is non of their business or concern where the money came from.

Makes you wonder what kind of highly educated IT/security people are coming out of colleges that these companies are hiring.

This stuff is getting ridiculous!

Also glad that Citigroup cancelled my card a couple years ago for lack of use.

People cheers about DDoS and simple hacks... The real stuff always is going on and imagine how many hacks were done and banks didnt even noticed it.

Could be a diversion but would also make sense that companies during this time would be more aware of security breaches.
This kind of hacking damage comparing to lulz, makes lulzsec sound like a lost naive puppie