U.S. banking company Citigroup is beginning the arduous, expensive process of cleaning up from a massive data breach – a process that has become more common among big-name companies as of late.
The company recently admitted that its servers were breached by hackers, who were able to access names, addresses, email addresses and credit card numbers of 200,000 of its customers. However, in a statement emailed to the New York Times, Citigroup claimed the hackers did not access Social Security numbers, dates of birth, card expiration dates and card security codes.
According to the statement, the company discovered that someone had gained "unauthorized access to Citi's account online," but that this wasn't noticed until Citigroup had conducted its routine monitoring. The New York Times reported that Citigroup is now pursuing data protection upgrades and contacting affected cardholders through the mail to provide replacement credit cards.
The company said in its email to the Times that “Citi has implemented enhanced procedures to prevent a recurrence of this type of event … For the security of these customers, we are not disclosing further details.”
High-profile hacks have become commonplace in the daily headlines lately, with such big-name companies as Epsilon and Sony falling victim as well. With one large breach targeting Epsilon and several repeated aimed at Sony, more than 100 million consumers have been affected.
Following data leak issues of this scope, the process of recovering that data and maintaining regular business operations is difficult for many, and has worsened during the past few years. Research conducted by the Ponemon Institute found that the average cost per data breach in the United States grew from $6.8 million in 2009 to $7.2 million last year.