Citigroup joins a growing list of companies that have suffered cyber attacks. As the Citigroup recently discovered that hackers have managed to breached the bank's internal network and access the records of 200,000 cardholders in North America.
James Griffiths, Citi's spokesperson in Hong Kong, said the breach had affected 1 percent of North American card customers, which the bank's annual report says total 21 million.
Citi said the names of customers, account numbers and contact information, including email addresses, were viewed in the breach, which the Financial Times said was discovered by the bank in early May. However, Citi said other information such as birth dates, social security numbers, card expiration dates and card security codes (CVV) were not compromised.
According to Reuters, another Citigroup spokesman, a U.S.-based Sean Kevelighan, said by email, "We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event."
"For the security of these customers, we are not disclosing further details."
In the brief email statement, Citi did not say how the breach had occurred.
But like Japanese electronics and entertainment group Sony, which has declared several security breaches of its networks this year, Citi could come under fire for not telling customers sooner.
"It may be the bank's business, but it's the consumer's personal information so consumers deserve to be told about security breaches immediately," said Dan Simpson, a spokesman for Australia's Consumer Action Law Center, an advocacy group.