Citigroup hackers made $2.7 million

Discussion in 'User Submitted News' started by Zekrom_cool, Jun 25, 2011.

Jun 25, 2011
  1. Zekrom_cool
    OP

    Member Zekrom_cool I respect faith, but doubt is what gets you an edu

    Joined:
    Apr 17, 2011
    Messages:
    915
    Location:
    Heaven [N's Castle]
    Country:
    India
    -snip-


    Citigroup suffered about $2.7 million in losses after hackers found a way to steal credit card numbers from its website and post fraudulent charges.

    Citi acknowledged the breach earlier this month, saying hackers had accessed more than 360,000 Citi credit card accounts of U.S. customers. The hackers didn't get into Citi's main credit card processing system, but were reportedly able to obtain the numbers, along with the customers' names and contact information, by logging into the Citi Account Online website and guessing account numbers.

    Until now, it wasn't clear how much -- if any -- fraud had occurred as a result of the theft. But Citi confirmed Friday that there were losses of $2.7 million from about 3,400 accounts.

    The bank has said its customers will not be liable for the losses.

    Citi learned about the hack on May 10 and began notifying customers on June 3. The bank said other sensitive data, such as Social Security numbers, birthdates and the cards' CVV (Card Verification Value) security codes used for online transactions, were not taken.

    In addition to the fraud losses, Citigroup will have to pay the cost of notifying customers and reissuing credit card numbers for the 360,000 affected clients. The Ponemon Institute has estimated the average cost of a data breach at $214 per compromised record. By that yardstick, the breach would cost the bank $77 million.



    Source
     
  2. Sicklyboy

    Global Moderator Sicklyboy Resident Mechanical Keyboard Addict

    Joined:
    Jul 15, 2009
    Messages:
    5,620
    Location:
    [̲̅$̲̅(̲̅ ͡° ͜ʖ ͡°̲̅)̲̅$̲̅]
    Country:
    United States
    ahem... stop following suite of Sony.
     
  3. ShadowSoldier

    Member ShadowSoldier GBAtemp Guru

    Joined:
    Oct 8, 2009
    Messages:
    9,383
    Country:
    Canada
    Wait.. that's waaaay worse than Sony's notice. And not to mention this hack is worse than Sony's too.

    Well Sony, looks like I should apologize. But I won't because I still hate you and everything you do.

    Anyways, what took so long for Citi to tell people anyways? I mean, if actual money was taken, you'd figure that they would notify people like right away... right? Hell, last year when ATM's here and banks and everything was being hacked, the banks would call you saying some stuff is going on. That's what happened to us. The bank my parents use, as soon as money was being used for suspicious transactions, they called us right away.
     
  4. shadowmanwkp

    Member shadowmanwkp Your roms are on another rom site

    Joined:
    Apr 17, 2008
    Messages:
    486
    Location:
    Vleuten, The Netherlands
    Country:
    Netherlands
    We're not talking about physical money here, but virtual money. The hackers got away with virtual money and probably transferred the money to another account, but citigroup lost no physical money. This means that no person has lost his or her money (I hope) and thus the news came out a tad late.

    A bank doesn't have all its money at hand, they invest it in new buildings or try to make profit with it. In practice, a bank needs only about 10% of the money their customers to keep them satisfied, because they won't withdrawing everything at once anyways. Therefore they can invest it in other things. There's also the case of money just being made out of nothing: if you borrow money, the bank just "creates" money. They don't have money to give to you, but you don't either (that's the reason why you ask the bank for money), what they do is give you the opportunity to spend the money, but they expect it back within a set time, thus the balance remains equal.

    However, if a bank does this too much, like in the credit crisis, they get problems because they give money to people that can't pay it back. The bank gets more costs and needs the lended money to cover up for the 10% of the customers that withdraw their money daily. If it gets worse, the people will mistrust the bank and about 80% of the people demand their money back, but because a bank only has enough money for 10% of the people, it will go bankrupt.

    tl;dr The money ain't physical, so they can solve it easily. It does get a big problem if people are going to do a run on the bank
     
  5. Foxi4

    Reporter Foxi4 On the hunt...

    pip
    Joined:
    Sep 13, 2009
    Messages:
    22,713
    Location:
    Gaming Grotto
    Country:
    Poland
    Sony could be slightly "excused" here, they're not a banking group, they don't deal with credit cards non-stop. Citi is a bloody banking group, the hack should've been detected immediatelly. Sony deals in Technology, Citi deals with MONEY. MONEY should probably be their focus here.

    They did not notify the clients simply because they're a big group. Circa 3 mil losses are "f*ck that change, we deal with the big stuff" type of losses - they'll simply put the money back on respective accounts.

    Few IT specialists will loose their comfy seats, but still. They showed a big FU to their clients here.
     
  6. DeMoN

    Member DeMoN GBAtemp Guru

    Joined:
    May 12, 2004
    Messages:
    7,647
    Country:
    United States
    Damn I hope this doesn't happen to Bank of America. I barely have enough money as it is, I don't need hackers stealing it.
     
  7. ShadowSoldier

    Member ShadowSoldier GBAtemp Guru

    Joined:
    Oct 8, 2009
    Messages:
    9,383
    Country:
    Canada
    The bank lost money dude. They have to come up with credit cards for everybody now, which isn't exactly cheap.
     
  8. Foxi4

    Reporter Foxi4 On the hunt...

    pip
    Joined:
    Sep 13, 2009
    Messages:
    22,713
    Location:
    Gaming Grotto
    Country:
    Poland
    I have to agree with Shadow here - the costs will be immense, and that's not only limited to swapping credit cards.

    A) They'll have to return the stolen money, that means that an investigation team will have to look through thousands of account histories to check whether withdrawls were factually made by the card owners or was it somebody else, living miles and miles away.

    B) They'll have to re-program the entire system to patch the hole in it.

    C) They'll have to issue new credit cards to all affected CC users.

    D) They'll have to spend some cash to fix up their PR.

    That's no small talk, the money they'll spend on fixing the issue is nothing compared to the losses they sustained while the hackers stole money. There's no such thing as "non-physical money", the money's always somewhere, and if it's a bag with a hole in it, you're leaking money bro.
     
  9. trumpet-205

    Member trumpet-205 Embrace the darkness within

    Joined:
    Jan 14, 2009
    Messages:
    4,363
    Country:
    United States
    INCORRECT.

    In the case of credit card fraud, credit card company CANCELS the transaction. Meaning any credit merchant earned must be returned to the credit card company. It is the merchant at lost, not the credit card company. It is part of the agreement between merchant and credit card company.

    Although most merchants already signed up for charge back insurances, in that case insurance company will reimbursed any charge back lost back to merchants.

    2.7 millions lost in the news are referring to potential earning from interchange/discount fee (fee merchant agreed to pay to the credit card company for each card transaction) and any applicable fee.

    Citigroup will lose this potential earning and incur any cost of reissuing account numbers. They will not incur other cost, merchants will.
     
  10. SamAsh07

    Member SamAsh07 GBAtemp Addict

    Joined:
    Jan 27, 2009
    Messages:
    2,693
    Location:
    Bahrain
    Country:
    Bahrain
    They warned customers like after a month? Nice one.
     
  11. Foxi4

    Reporter Foxi4 On the hunt...

    pip
    Joined:
    Sep 13, 2009
    Messages:
    22,713
    Location:
    Gaming Grotto
    Country:
    Poland
    That's not an International rule, who's to say the money was stolen IN THE US? It affected US Customers, but you don't know where the withdrawls were made. It could be the other end of the globe, and for all the merchant cares, they can "blow him" in that case.

    In Poland, if a bank looses money due to an incident like this, it just looses money. No returns. Sorry princess, you had shitty AP and that's the price, end of story. Cancelling all those transactions costs our money, not theirs, we don't roll that way.
     
  12. Bladexdsl

    Member Bladexdsl ZOMG my posts...it's over 9000!!!

    Joined:
    Nov 17, 2008
    Messages:
    14,347
    Location:
    Queensland
    Country:
    Australia
    so lulzsec are bank robbers now?
     
  13. ferofax

    Member ferofax End of the World

    Joined:
    Jan 26, 2009
    Messages:
    2,564
    Location:
    Philippines
    Country:
    Philippines
    ...could be they stumbled onto something they could use for this in their 50-day rampage. who knows?

    but hey, virtual money is just that, virtual money. as far as i'm concerned, if it's not cold hard cash, it might as well be in Gil.
     

Share This Page