Citigroup hacked: What to do if your account was compromised

Almost everyone has received US mail that comes in with a bank’s return address on the left-hand corner.

You might not want to throw it all in the trash, particularly if you have a Citigroup issued credit card.

The big bank says it is in the process of notifying more than 200,000 of its bankcard customers – some 1 percent of its total cardholders – who had their accounts hacked, probably in early May when the bank discovered someone was accessing names, account numbers, and contact information, including e-mail addresses.

The majority of its customers will receive new credit cards and are not responsible for any fraudulent purchases, says Citigroup spokesman Sean Kevelighan.

The data breach is the latest in a recent series of major intrusions into the computers of companies such as Sony, bulk mailer Epsilon, and RSA, which provides SecureID tokens for Internet security. Security experts say the intrusions show that the hackers are getting more sophisticated and harder to immediately detect since many of the companies had fairly sophisticated systems.

“I am afraid they are going to be more successful in the short term in seizing assets and information and disrupting business,” says Larry Poneomon, head of the Poneomon Institute in Traverse City, Mich. “It is a fait accompli.”

In an annual study, sponsored by Symantec, a computer security company, the Institute found the cost of computer intrusions was $214 per compromised record. If the breach included information such as lost Social Security numbers or personal identification numbers, it cost $353 per record.

Probably, one of the most expensive breaches was the 2005 data break-in at TJX Corporation, the parent of T.J. Maxx, the discount retailer. Cyberthieves stole 46.5 records, including a lot of credit card information. The company says the theft cost it about $160 million through its fourth quarter.

1 | 2

Next