Citigroup says 360,083 U.S. Citi-branded credit cards were compromised in the recent security breach. The breach happened May 10th and impacted about 1% of North American cardholders. In Ohio, 5,547 customers were impacted.
The company posted an open letter to its customers on its website. It reads as follows:
“To Our Customers: You may have recently read in the media about a compromise to Citi Account Online impacting credit card accounts in North America. We wanted to share more specifics with you regarding the event. First, we want to confirm three things: 1. From the moment Citi discovered the breach we took immediate action to rectify the situation and protect any customers potentially at risk. 2. Customers are not liable for any fraud on the account and are 100% protected. 3. Every decision made throughout this process was in the best interest of our customers.”
Citi says its Citi Cards’ Account Online system was effected, but the main card processing system was not. Citi says it knew within seven days the majority of accounts that were impacted.
Citi says account names, numbers, contact information, and email addresses were viewed. The credit card company says social security numbers were not accessed which is a key factor in stealing someone’s identity. Citi says the card’s expiration date, customer’s birth date, and card security code (CVV) were also not compromised.