The recent Citigroup data breach exposed the personal information of more than 360,000 customer accounts, about 80 percent more than the bank initially had reported, according to a statement from the bank released yesterday.
Previously, Citigroup said the breach had affected 1 percent of its 21 million North American cardholders, or potentially hundreds of thousands customers. However, yesterday’s statement revealed new numbers and came as the bank was forced to respond to Connecticut's attorney general and other state regulators who have opened inquiries into the breach, The New York Times reports.
Citi said it detected the breach May 10, and by May 24, it had confirmed the full extent of information accessed on 360,069 accounts.
“An additional 14 accounts were confirmed subsequently,” the bank said in a release. “To determine the cardholder impact required analysis of millions of pieces of data.”
Citi said it began notifying customers about the compromise June 3, and assured customers they would not liable for any unauthorized use of their accounts.