Thieves Found Citigroup Site An Easy Entry
Nelson D. Schwartz and Eric Dash write in the New York Times:
Think of it as a mansion with a high-tech security system — but the front door wasn’t locked tight.
Using the Citigroup customer Web site as a gateway to bypass traditional safeguards and impersonate actual credit card holders, a team of sophisticated thieves cracked into the bank’s vast reservoir of personal financial data, until they were detected in a routine check in early May.
That allowed them to capture the names, account numbers, e-mail addresses and transaction histories of more than 200,000 Citi customers, security experts said, revealing for the first time details of one of the most brazen bank hacking attacks in recent years.
The case illustrates the threat posed by the rising demand for private financial information from the world of foreign hackers.