According to a statement from the company, 360,083 accounts were breached in total. Of those accounts, 142,426 were not current — they had been closed or new cards had been automatically issued. The company said it has reissued 217,657 new cards to affected customers. Information such as names, account numbers and e-mail addresses were taken in the breach, but not customers’ social security numbers, dates of birth, card expiration dates or security codes, Citigroup said.
Only customers who opened their accounts in the United States were affected, including 834 people in Washington, 5,041 in Maryland and 5,337 in Virginia. Citigroup said customers are not liable for fraudulent charges and are “100 percent protected.”
The company said that it initially learned of the attack on May 10 and determined its full extent on May 24. The firm began to send out notification letters on June 3. Citigroup also released a breakdown of how many customers were affected by state. Hit the jump for the full list.
|State||Number of Accounts|