Bank of America, Citigroup Reissue Cards After Breach

Massachusetts Customers Impacted by Unidentified Incident Two US banks recently reissued new credit and debit cards to Massachusetts customers after a data breach at an unnamed merchant.

Bank of America and Citigroup both issued replacement cards and notified customers that their account numbers may have been compromised. Neither bank will say exactly how many cards were replaced or which third-party merchant database compromise was referred to in the notification letters.

Citi's spokesperson Janis Tarter says this incident is not related to a new data breach. "I am completely unaware of anything new."

The most recent notable breach of credit and debit cards was the Network Solutions data breach that occurred for three months earlier this year. Notification by the company to the more than 4,300 merchants affected was made on July 24. More than 573,000 credit and debit card accounts were compromised in the breach.

Tarter says when the bank becomes aware of a data breach, it takes appropriate steps, above and beyond its normal prevention and detection actions, on any customer accounts that may have been impacted. Actions include the use of Citi's Fraud Early Warning System to monitor accounts, as well as notifying some customers who may be at increased risk due to suspicious activity.

Bank of America media representative Betty Riess says her institution routinely reissues credit and debit cards. "Through the use of fraud monitoring, if we see the card has been used fraudulently or we've been notified by the card company of misuse, we will block and reissue a customer's card," Riess says.

Riess says she would not be able to comment on a third-party breach, and since the breach did not originate at Bank of America, there would be no notification from Bank of America to the Commonwealth of Massachusetts, where the breached customers reside. Often, she says, when the bank is notified from the card companies, the fraud notification does not say where the breach originated.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.