Turns out there’s a whole lot more users that are going to be affected by the Citibank breach than everyone thought.
Just last week, it became apparent that Citibank had been hacked in early May. It wasn’t until nearly three weeks later that the bank notified everyone about the situation, revealing that about 200,000 accounts were reported to have been affected by the attack. It turns out that number is actually much higher.
Approximately 360,000 credit cards were compromised by the breach, about 80 percent more than were initially suggested. The error was exposed when the bank was forced to respond to state regulators who were investigating the breach. The bank has nearly has 23.5 million credit card accounts in North America alone.
What exactly was exposed again? Citigroup says:
“The customers’ account information (such as name, account number and contact information, including email address) was viewed. However, data that is critical to commit fraud was not compromised: the customers’ social security number, date of birth, card expiration date and card security code (CVV).”
Fear not: Citigroup has already reissued almost 220,000 cards tied to affected accounts (others haven’t been reissued because accounts were either closed or due to other circumstances). The company says that customers are not liable for any fraud that may happen as a result of the breach. The most widely affected state was California, with 80,000 accounts compromised.
(via Wall Street Journal)
More on TIME.com: