back to article Citigroup breach exposed more accounts than first claimed

The security breach that hit the website of Citigroup exposed data for more than 360,000 accounts, the bank said on Wednesday, about 80 percent more than it previously reported. Citigroup publicly disclosed the compromise last week, but said it involved about 200,000 accounts. Wednesday's revision came amid an inquiry by the …

COMMENTS

This topic is closed for new posts.
  1. Andy ORourke
    Facepalm

    Surprised?

    Next news from Citi group will be that more details about customers were stolen than first thought

    Followed by the fact that the details werent as encrypted as first thought

    Followed by............

  2. Anonymous Coward
    WTF?

    Always a lie?

    Forgive me for saying so, but surely the way most systems are designed, gaining access to the accounts system/database/backend usually means *all* accounts are then available to the hacker?

    How can some accounts be compromised, but not others? Even if accounts are application or brand specific, you'd still get *all* the accounts within the app/brand?

    I'm always sceptical of press releases which say "only a minority of accounts were compromised".

    1. Tom 13

      Ah, the uninformed commetard.

      Go read the linked articles for how the accounts were "hacked." Quite honestly, this particular vulnerability doesn't even rise to the level of Script Kiddie, let alone "hacker" in the current parlance. Here's a hint: the so-called hackers didn't have access to the backend in the sense that they could scarf a copy of the database to peruse at their leisure.

  3. Anonymous Coward
    FAIL

    Epic Fail

    Citi - a multinational bank - fell victim to a url modification hack.

    Seriously?

    Why are they still in business.

  4. Tom 13

    If I get a letter from Citi,

    (which I think under my State Law they are required to send me if I was affected) I will be contacting a truly Burkean lawyer to represent me in suit against them. And I will most vociferously object to being modified into a class action. The means to prevent this particular hack are covered in Web Design 001, not 411.

  5. Anonymous Coward
    Alert

    Could be an identity theft?

    After I read this article: http://www.creditcards.org/article/10-security-features-your-credit-cards-and-how-they-work-.html

    I didn't even know my credit cards had built in security features. I want to get one of the ones with my photo on it next.

    We need to be cautious every time.

This topic is closed for new posts.

Other stories you might like