A May cyberattack that breached Citigroup's network gave hackers access to 360,083 credit card accounts in the U.S., the company revealed yesterday.
That number is higher than Citi's initial estimate, which claimed that the breach affected one percent of the bank's 21 million U.S. customers, or around 210,000.
The cyberattack, which occurred on May 10, compromised the company's online account system, allowing the attackers to access names, account numbers, and contact information for the affected customers. However, Citi said that Social Security numbers, birth dates, card expiration dates, and card security codes were not compromised.
Following the attack, the company said it put fraud alerts and enhanced monitoring on accounts considered at risk. An in-depth investigation by Citi eventually discovered the total number of accounts that were hacked and the type of information that was stolen.
At the same time of its investigation, Citi started to notify its affected customers and replace the compromised credit cards. So far, 217,657 accounts have been issued new credit cards along with a notification letter.
The company stressed that customers aren't liable for any unauthorized use of their credit cards and has asked them to report any suspicious activity on their accounts.
Citi didn't provide any details as to how or why the cyberattack occurred but said it's taking measures to prevent it from happening again.
"Citi has implemented enhanced procedures to prevent a recurrence of this type of event," the company said on its Web site. "We have also notified law enforcement and government officials. For the security of our customers, and because of the ongoing law enforcement investigation, we cannot disclose further details regarding how the data breach occurred."