Citibank PIN Hack: Deja Vu

Hack keeps coming back to haunt banking giant



If today's Associated Press report on the hacks of Citibank's ATM systems seems strangely familiar to you, don't worry. You're not losing your mind.

AP today reported that a hack of Citibank's personal identification number (PIN) system recently allowed attackers to steal as much as $2 million from the ATM network that serves 7-11 convenience stores. Although authorities still aren't sure how it was done, the network-based hack allowed the perpetrators to steal funds without touching any of the ATMs. Citibank officials said the attack occurred through a server at a third-party processing service.

The AP story makes the hack sound like breaking news, but it was actually reported -- in much greater detail -- more than a week ago in a report that appeared in Wired. A link to that story appeared in Dark Reading's Best of Web section.

More importantly, Citibank might be experiencing a sense of deja vu because a remarkably similar breach of Citibank's PIN systems occurred in March 2006. As in the case of the 7-11 attack, criminals broke into the Citibank PIN system through a third-party system and executed several hundred withdrawals, forcing the bank to shut down PIN-authenticated transactions in three countries.

— Tim Wilson, Site Editor, Dark Reading

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service