A hacker had managed to break through the security system of Citibank Online in the U.S.. The perpetrator stole about 200,000 customer data.
James Griffiths, the Citi spokesman in Hongkong said that the breach was affecting only 1% of total Citibank customers in North America which amounting to about 21 million people.
Citibank said that they had notify all customers that their data has been stolen and also have implemented the more stringent security system dan new procedures to avoid similar incidents in the future.
The Stolen Data
Many people are worried the hacker had stole sensitive customer data. But Citibank explained that the information that had been stolen is only full name, account number and email address.
Sensitive data like credit card number, date of birth, credit card expired date, Social Security Number (SSN) and card security code (CVV) are still secure and untouched.
Citibank found a breach to it's security system in early May 2011. But they inform the security breach to public on June 8, 2011, after a lot of media are urging them to give some clarification about why many of Citibank customers in America can not use their credit cards all of a sudden.
Citibank said that they immediately deactivate approximately 100,000 credit cards that related to the stolen data and will / are replacing them with new cards. But unfortunately this information too late to notified to their customers.
Why a Little Late?
Maybe for Citibank, incident by hackers who breaking into the security system should be kept in secret for the time being to perform the mitigation, prevention and investigation. But waiting too long to inform customers about it, could be a bad move and would reduced public trust.
No one is happy to hear and know that he has become a victim of identity and personal information theft from the media. Citibank should be more quickly to informing this incident to their customers before they hear from other parties.
Cyber Attacks will always there
The Citibank incident is added to the list of large companies that suffer from hacker attacks. Previously, Sony and Google are also victims of hacker attacks to their sites.
The cyber criminals will certainly continue to exist and trying to penetrate the security systems of large companies. Whatever their motivation, it is more likely that they do these crimes for money.
Because of that, every company must give priority and continue to improve the security of customer data and financial transactions, particularly for accounts and transactions that can be accessed online.