Looks like the hacking attack on Citigroup was worse than previously reported. Following the announcement last week that hackers accessed the information of 1 percent of its card accounts in North America (or about 200,000 customer accounts), the bank is now saying the number is nearly double that in a statement to its customers released late Wednesday night. "A total of 360,083 North America Citi-branded credit cards were affected," said the bank. Citigroup says it's not giving any new information about the nature of the breach because it could jeopardize the "security of our customers" and "the ongoing law enforcement investigation." The revised number isn't all Citi's fault. A spokesman tells The Wall Street Journal that "the company has about 23.5 million credit-card accounts in North America, up from the year-end figure of 21 million cited in most news reports about the hacking attack." Thus far, what's known about the attack is its simple ingenuity. Hackers went right through Citigroup's front door, logging into the "customers only" part of the site and "inserting various account numbers into a string of text located in the browser’s address bar" giving them access to hundreds of thousands of accounts. So far, Citi has reissued nearly 220,000 cards affected by the attack and says its customers won't be liable for any fraud that occurs as a result of the hackers.
This article is from the archive of our partner The Wire.