We’ve received queries from readers telling us that their Citibank cards have been replaced, and asking whether we’ve heard about any new security breach. Other than Forever 21 we haven’t, so we’re wondering whether they’re responsible for the stories below.
Just got a replacement card from Citi due to possible “compromise of information” but when I asked customer service who the merchant was who may have been compromised, she said she did not have that information, but that it came straight from Visa and Mastercard and that it happened in the last 6-8 months.
I logged onto my CitiCard professional account today and discovered an “important security messsage” that my account may be at risk due to a problem with a merchant’s database. The CSR said someone had “hacked in” to a database. His manager said she didn’t know which merchant was involved, and invoked the TJ Maxx case as an example. When I asked if this was of comparable size, she said it was, and the CitiBank was issuing new cards to people, and that mine should be in the mail already.
Update 09/19/08: We received another report this morning:
Just yesterday, I received a replacement card.
Logging onto their site, I got a message saying my card had been compromised. I decided to activate the new card, but pressed 5 for a consumer rep. This was not the ordinary rep with noise in the background. She had no “sell-up” scripts nor an ebullient demeanor.
She said my card had to be replaced due to a database compromise.