Citigroup said today that hackers breached the bank's network and may have gained access to the personal data of hundreds of thousands of bank card customers.
Customer names, account numbers, and contact information, including e-mail addresses, were accessed during the breach, which was discovered in May during routine monitoring. However, no Social Security numbers, birth dates or security codes were accessed, Citi said.
Citi said the breach affected about 1 percent of its 21 million customers.
"We are contacting customers whose information was impacted," Citi spokesperson Sean Kevelighan said in a statement. "Citi has implemented enhanced procedures to prevent a recurrence of this type of event. For the security of these customers, we are not disclosing further details."
The breach, which was first reported by the Financial Times, adds Citi's name to a growing list of companies that has suffered an intrusion in recent months.
RSA, the company sells SecurID tokens that are used by corporations, organizations, and government agencies to allow workers to remotely access a sensitive network securely,by an "extremely sophisticated cyberattack" in which sensitive data related to the SecurID technology had been pilfered.
In April, Sonythat their personal information, including names, addresses, e-mail addresses, birthdays, PlayStation Network and Qriocity passwords, and usernames, as well as online user handles, had been obtained illegally by an "unauthorized person" between April 17 and 19. Less than a week later, Sony announced that data of more than 24 million Sony Entertainment Online customers had also been exposed.
earlier this month that it had "detected and disrupted" a plan to break into hundreds of Gmail accounts through a series of phishing attacks. The targets of the attacks included top government officials from the U.S. and several Asian countries, along with journalists, political activists, and military personnel.
Updated June 9 at 9 a.m. PT with statement from Citi.