di amrik, seh, WA$PADA lah … 160611

Citi says 360,000 accounts hacked in May cyber attack

A Citibank sign on a bank branch in midtown Manhattan, New York, November 17, 2010. REUTERS/Mike Segar

Thu Jun 16, 2011 5:01am EDT

(Reuters) – Citigroup Inc said a cyber attack in May affected almost twice as many accounts as the bank’s figures had initially suggested, as major U.S. lenders come under growing pressure from lawmakers to improve account security.

A total of 360,083 North American Citigroup credit card accounts were affected by the breach, the third-largest U.S. bank by assets said in a statement released late on Wednesday.

Of those affected, some 217,657 customers were reissued with new cards along with a notification letter, while the remaining accounts were either inactive or had already received new cards earlier, the bank added.

Citigroup had earlier said that about 1 percent of its North American accounts were affected. The bank’s annual report puts the total number of its customers at 21 million.

“It is mainly due to the actual number of accounts being more than what’s in the 2010 annual report as well as variances such as some of the accounts being closed,” United States-based Citi spokesman Sean Kevelighan said in an emailed response.

Customers had their names, account numbers and contact information accessed, but Citi said that “data critical to commit fraud was not compromised” and that other consumer banking online systems were not accessed.

Citigroup also said it identified “the majority” of accounts compromised within seven days, adding that the information was accessed on the accounts by May 24 but that it only started notifying customers of the breach on June 3.

“What Citi should have done upon finding out is to call for a press conference to announce the news, reassure customers that they take this in utmost seriousness, and to personally reach out the affected accounts,” said Li-May Chew, associate research director at IDC Financial Insights.

LUCRATIVE TARGETS

The bank is the latest in a growing list of companies to face cyber attacks in recent months, with Sony, Google Inc and Lockheed Martin all having suffered under hackers this year.

In response to the latest bout of attacks, many banks have stepped up their security effort, with two Australia-based banks — ANZ and Westpac — replacing their customers’ “SecurID” electronic keys earlier this month.

“Cyber hackers are no longer interested in just stealing money directly,” said Edison Yu, industry manager at consultancy Frost and Sullivan.

“They are more interested in stealing peripheral information such as contact details and ID numbers that can be sold on the black market later,” Yu said, adding that the global black market for email addresses and national ID numbers is now worth about $5 billion, making it a lucrative area for hackers looking to steal contact information.

Regulators in many countries have also been preparing new measures on data security, with the head of the Federal Deposit Insurance Corp in the United States saying last week she may “ask some banks to strengthen their authentication when a customer logs onto online accounts.”

The Hong Kong Monetary Authority also said it requires banks to have risk management systems to ensure the adequacy of their security systems.

“Banks are expected to continue to review their security measures in place to enhance the controls, where appropriate, on an ongoing basis,” said an HKMA spokeswoman.

(Editing by Lincoln Feast and Muralikumar Anantharaman)
Citigroup Inc mengonfirmasi telah terjadi pelanggaran di Citi Account Online. Hacker masuk ke ratusan ribu account kartu nasabah. Juru bicara Citi kepada Reuters mengatakan, melalui pantauan rutin baru-baru ini manajemen menemukan akses yang tidak sah di rekening Citi Online di awal Mei.

Bank menyatakan, hanya 1% dari pelanggan yang terkena dampak dari pelanggaran ini. Citi telah me-review nama nasabah, nomor rekening dan kontak informasi dari account yang terkena serangan hacker.

Citi mengklaim, informasi lain seperti tanggal lahir, nomor jaminan sosial, tanggal kedaluwarsa kartu dan kode keamanan kartu (CVV) tidak terganggu. “Kami sudah menghubungi nasabah yang terkena serangan ini, Citi telah meningkatkan prosedur agar kejadian ini tidak terulang,” kata juru bicara itu.

Sayang bank menolak memberikan rincian lebih lanjut mengenai pelanggaran ini. Bank telah dihubungi penegak hukum dan diminta memperketat pemeriksaan. Citi memiliki sekitar 21 juta nasabah yang menggunakan akses transaksi melalui kartu di Amerika Utara.

http://internasional.kontan.co.id/v2/read/1307595372/69753/Ratusan-rekening-milik-Citi-Account-Online-diserang-hacker

Sumber : KONTAN.CO.ID
Seorang ‘penyusup’ berhasil memasuki sistem jaringan di Citigroup Inc. Hacker itu sukses mengakses data sekitar 200.000 pemegang kartu kredit Citigroup di Amerika Utara.

Citigroup menyatakan, nama-nama nasabah, nomor rekening dan informasi kontak termasuk email berhasil diketahui oleh Hacker. Menurut Financial Times, Citi berhasil menemukan adanya pembobolan data itu pada Mei.

Namun Citi mengatakan, informasi lain seperti tanggal lain, nomor jaminan sosial, tanggal kadaluarsa kartu dan kode keamanan kartu tidak berhasil dijebol.

“Kami menghubungi nasabah yang informasinya kena dampak (pembobolan). Citi telah mengimplementasikan perbaikan prosedur untuk mencegah lagi terjadinya peristiwa serupa.” ujar juru bicara Citigroup, Sean Kevelighan seperti dikutip dari AFP, Kamis (9/6/2011).

“Untuk keamanan nasabah-nasabah tersebut, kami tidak akan memberikan informasi lebih detail,” tambahnya tanpa merinci bagaimana penyusupan data itu bisa terjadi.

Juru bicara Citi lainnya, James Griffiths di Hong Kong mengatakan, pembobolan itu telah mempengaruhi sekitar 1% dari pemegang kartu di Amerika Utara. Berdasarkan laporan keuangan Citi, total nasabah di kawasan tersebut mencapai 21 juta.

Namun tidak seperti yang dialami perusahaan Jepang, Sony yang langsung mengumumkan pengamanan dari penyusupan, Citi mungkin bisa menuai kecaman karena tidak segera memberitahukan kepada konsumen.

“Ini mungkin masalah bisnis bank, tapi ini adalah informasi personal konsumen sehingga konsumen berhak untuk diberitahu tentang keamanan penyusupan itu secepatnya. Sulit untuk melihat alasan apapun mengapa kasus ini tidak dibuka secepatnya,” ujar Dan Simpson, juru bicara Consumer Action Law Centre Australia.

Sumber: detikcom

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s