After hackers gained access to the personal and financial information for hundreds of borrowers from one of the nation’s largest lenders, it was recently revealed that those cybercriminals racked up millions of dollars worth of fraudulent credit card debt.
Citi recently revealed that of the 360,069 credit card accounts that were accessed by hackers, about 3,400 actually had their payment information used, and the crooks stole more than $2.7 million, according to a report from the Wall Street Journal. This revelation came after the company assured customers that “data that is critical to commit fraud was not compromised,” such as borrowers’ Social Security numbers, dates of birth or credit card expiration dates and security codes.
The losses only came to light during the lender’s briefing of government officials late last week, the report said. In all, reported losses are expected to total roughly $794 per customer.
Several federal lawmakers have criticized Citi’s handling of the data breach as not being proactive enough, and are now mulling the introduction of new laws that increase what information about breaches businesses have to disclose to those affected.