Data Theft in Citi Japan Hits 90,000 Customer Data
Hard on the heels of the recent data compromise that beset Citigroup in the last two months, another data theft involving more than 90,000 customer data of Citi’s Japanese credit-cards subsidiary has proven the poor IT security measures in financial institutions.
In a statement, Citi admitted on Friday that “certain personal information of 92,408 customers has allegedly been obtained and sold to a third party illegally.”
The data theft is the third in a series of cyber crimes that have been hitting Citi since June, during which month the bank said a group of computer hackers have penetrated its servers in May, stealing bank card data of more than 360,000 credit card holders in USA.
Citi was then criticized by US regulators for not informing its clients about the May attack until almost a month later. The bank all the more received criticisms for initially putting the number of affected customers at 210,000 before disclosing the real figure.
It was shortly followed by Citi’s announcement that approximately $2.7 Million has been funneled by hackers.
Back to the Citi Japan’s stolen data, which include account numbers, names, addresses and dates of birth, Citi subsidiaries watered down the possibility of a fraud taking place since the compromised information does not include PIN numbers or security codes.
Citi had reported the data theft to police following a customer inquiry that alerted the bank to the problem.
The New York-based company said it is cooperating with the investigation, while fraud alerts have been sent to affected customers.
So far, no suspicious transactions have been detected, the bank added.
“While the risk of fraud is minimal due to the absence of security information, CCJ has placed internal fraud alerts and enhanced monitoring on all accounts identified,” Citi said in a statement.
“No unusual or suspicious credit cards transactions relating to these customers have been detected at this point.”