By AnnaMaria Andriotis
Citigroup late last night announced that a data breach, which exposed customers’ credit card information, impacted around 360,000 cardholders, or about 1.5% of its roughly 23.5 million North American credit card customers. The hackers accessed customers’ names, account numbers and contact information including email addresses.
A Citi spokesman says the company is contacting customers whose information was impacted. In the meanwhile, Deal Journal suggests several ways cardholders can protect themselves: Request a new card, report problems immediately, that sort of thing.
And while yes, Citi cardholders should do all that, they can also take a deep breath: consumers are well-protected against fraudulent credit card purchases. In general, credit card companies hold customers liable for up to $50 of unauthorized credit card transactions and often times they waive those $50 as well, says a spokeswoman for the American Bankers Association.
If it had been debit card data that had been stolen, on the other hand, consumers would have been in real trouble. In that case, the protections are minimal: the consumer potentially faces losing all the money in their checking account if they don’t report the theft fast enough.
Beyond that, identity theft experts say that the Citi hackers didn’t access enough information to actually use these credit cards for transactions. They’re missing the card expiration date and card security code that’s almost always necessary to make a purchase over the phone or online. “I don’t believe they have enough information, based on everything I’ve seen, to make transactions,” says Jay Foley, executive director at the Identity Theft Resource Center. For consumers, the biggest threat lies in the fact that the hackers have their contact information and could try to “bluff them” to get the other information they need, he says.
Citi says it has implemented enhanced procedures to prevent this breach from occurring again. But regardless of the bank, for consumers using plastic, there will likely be more breaches to come, says Foley. “Consumers can expect to hear more about more of these — the fact of the matter is Citibank, one of the largest banks in the world, suffered an attack.”
Update, June 16: The story has been updated to reflect new numbers from Citi stating that 360,083 customers’ credit card information was compromised. Initial reports from the company stated that roughly 1% — or 200,000 — of its 21 million North American card accounts were affected.