Citibank PIN Hack: Deja Vu
Hack keeps coming back to haunt banking giant
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc94608acf452fd67/655cf371ab171e040a838b2a/329050_DR23_Graphics_Website_V5_Default_Image_v1.png?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
If today's Associated Press report on the hacks of Citibank's ATM systems seems strangely familiar to you, don't worry. You're not losing your mind.
AP today reported that a hack of Citibank's personal identification number (PIN) system recently allowed attackers to steal as much as $2 million from the ATM network that serves 7-11 convenience stores. Although authorities still aren't sure how it was done, the network-based hack allowed the perpetrators to steal funds without touching any of the ATMs. Citibank officials said the attack occurred through a server at a third-party processing service.
The AP story makes the hack sound like breaking news, but it was actually reported -- in much greater detail -- more than a week ago in a report that appeared in Wired. A link to that story appeared in Dark Reading's Best of Web section.
More importantly, Citibank might be experiencing a sense of deja vu because a remarkably similar breach of Citibank's PIN systems occurred in March 2006. As in the case of the 7-11 attack, criminals broke into the Citibank PIN system through a third-party system and executed several hundred withdrawals, forcing the bank to shut down PIN-authenticated transactions in three countries.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024