Citigroup is advising its customers that use an iPhone to conduct online banking to immediately upgrade the application to the newest version as the old one contains security flaws which may put them at risk.
In a letter to customers, the U.S. bank said the Citi Mobile app actually saved user information in a hidden file which could be accessed by hackers and used to gain unauthorized entry into the customer’s banking accounts. Information save in the file includes bill payments, account numbers and security codes.
To date, there have been no reports of the vulnerability actually being exploited by anyone. However, Citigroup warned the information could be stolen once it was stored on an iPhone or transferred to a computer during the synching process.