Monday, June 13, 2011

Citibank victimized by hackers, financial institutions are challenged

reported that Citibank’s systems were hacked resulting a data breached on the bank’s network and accessed about 200,000 credit-card holders in North America.

This U.S. bank is under severe public criticism for waiting a month before informing the public about this incident.

The bank said its attackers viewed the names of customers, account numbers, contact information including email addresses. The way I see it, this is the first step a hacker would do - “data gathering”.

Considering that the attackers have your basic information and other sensitive data you should never accept incoming communications pretending they are from the financial institution to do business with you, whether by email or phone call. Call them back using only the phone numbers published on your cards or billing statements. When you log to perform online transactions, always enter their website address not any links emailed to you. Be wary if you receive unknown text message with the option to reply “STOP” to stop receiving messages as this will confirm that your mobile number is active. Always check and monitor your billing statements for any suspicious transactions. If you’re a victim of fraud, call their hotline number and ask for assistance.

The banking industry or any financial institutions should overhaul and improve their security measures, strengthen their authentication, update their customers and conduct periodic risk assessments.

Talk Back
Please comment on this blog at our ROOTCON
Forum. We all learn from each other when your views and opinions are shared.

elated Blogs:
Outsourced Security on the Rise?
Pinoy Hacker’s Confession 2004

About the Contributor:
A self-confessed blogger minus the coffee. He maximizes his skills in consultancy, project management, professional networking, social media campaigns and very active in conceptualizing things. To date he already conducted several IT / Information Security events as his passion since 2007. Currently he's working as a Technical Support Specialist in a local company.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.
All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.