It turns out Citibank was hacked in early May. Wait, you hadn’t heard? Me neither. Well, that’s just because Citibank chose to keep quiet about it until now.
We’re talking a fairly serious hack, too. The personal and account information of some 200,000 Citibank card holders in North America was breached, reports Reuters, including contact specifics like names and email addresses. The solitary bit of good news? Citibank claims far more sensitive info like social security numbers, birth dates, card expiry dates and CVV card security codes was not compromised.
(More on TIME.com: Who ARE These People? Sony Hack Reveals ‘Seinfeld’ as Most Popular Password)
“We are contacting customers whose information was impacted,” said Citibank spokesperson Sean Kevelighan in a statement. “Citi has implemented enhanced procedures to prevent a recurrence of this type of event.”
And that’s about all we know at this point. Citibank claims it’s withholding further details about the hack “for the security” of all customers affected, while an Australia-based customer advocacy group is criticizing Citibank for sitting on the news for roughly a month.
Security firm Sophos weighed in on the hack this morning, pointing out that Citibank issues over 150 million cards globally. But since the breach was reportedly localized to North American customer data, you get the 200,000 number (1% of 21 million North American users) instead of a much more serious global 1.5 million cardholders’ info in breach. Not that 200,000′s anything to grin about.
The Citibank hack comes on the heels of news that Sony Portugal was just hacked by the same Lebanese hacker who went after Sony Pictures last Friday. Sophos security expert Chester Wisniewski says that marks the sixteenth attack on Sony “by [his] count” since the PlayStation Network went belly up mid-April.
(More on TIME.com: Top 10 Twitter Controversies)
From Sony to Yahoo and Gmail, and now Citibank. It’s getting uglier out there, and there’s no time like right now to get your personal security house in order, though in the case of both the Citibank and Sony hack attacks, it wouldn’t have made an iota of difference.