BUSINESS

Citibank customers' information stolen as computer systems breached

Comment
Decrease Increase Text size

--On May 28, Lockheed Martin said it had detected a "significant and tenacious attack" against its computer networks. The company said it took swift and deliberate actions to protect the network and the systems remain secure.

--In April, Sony's PlayStation Network was shut down in April after a massive security breach that affected more than 100 million online accounts.

--Also in April, hackers penetrated a network operated by a data marketing firm Epsilon. The company handles email communications for companies like Best Buy Co. and Target Corp.

The number of data breaches in the last two months sets a "high water mark," said John Ottman, CEO of Application Security Inc., a New York-based firm that specializes in securing databases, the big repositories companies use to organize account information and other data.

"Attackers have realized that most organizations have not properly protected databases," Ottman said.

Cyber attackers have a variety of less-dangerous motivations, from mischief to online activism. For example, a group identifying itself as LulzSec claimed credit for the fake PBS article calling it retaliation for a documentary about WikiLeaks, the website that publishes classified documents.

But often such data breaches are an attempt to steal personal data, which is likely the case with Citi. Hackers also will pose as legitimate companies in a tactic known as "phishing," where they try to get users to supply additional information like social security numbers and email or bank passwords to get access to their financial information.

The fact that the Citi hackers only got a few pieces of personal data on customers may limit what crooks can do with the information, said Susan Grant, director of consumer protection at Consumer Federation of America, a consumer advocacy group.

"But any ID theft is worrisome for consumers," Grant said. She believes companies are responsible for protecting their customers' information from internal and external abuse.

In an emailed statement, Sean Kevelighan, a spokesman for Citi said the bank is contacting affected customers and enhancing procedures to prevent a similar security breach from happening again.

"For the security of these customers, we are not disclosing further details," he said.

  1. «
  2. 1
  3. 2
  4. »

Would you like to contribute to this story? Join the discussion.

Recommended For You
comments powered by Disqus