Citibank’s admission that hackers stole private information from 360,083 North American Citigroup credit card accounts, affecting 210,000 customers, still serves as a warning for all businesses and consumers to take precautionary steps.
The bank’s May 2011 security breach wasn’t reported until weeks later. Originally, Citibank said 200,000 accounts were affected.
None of the reports I found pointed out that it was Citibank’s second reported major security issue in just 18 months.
Soon after the bank’s first breach was reported, it seemed as though the security issue was buried. There weren’t any follow-up reports.
That’s when I wrote the column, How to Protect Yourself from the Internet Crime Wave, quoting Stan Stahl, Ph.D.
He’s a nationally known security expert based in Los Angeles.
Over the years, Dr. Stahl has been a valuable resource – some of the most widely read Biz Coach articles have included his expert opinions.
Here are the three most read articles:
- Our Mobile-Banking Warnings about Security Prove Prophetic
- Using Starbucks’ WIFI? Security Pro Issues Warning and Security Checklist
- 5 Safety Measures to Thwart Mounting Social-Network Attacks
A security expert I’m not, but I’ve learned from Dr. Stahl’s valuable insights.
Advice for bank customers
In addition to the tips in the above columns – whether you’re a Citibank customer or not – I’d suggest immediately taking these defensive computer measures:
- Change all log-in information. That means all banking, retail credit card and e-mail passwords and information.
- Make certain that you don’t use the same password twice.
- Install adequate firewall and anti-virus protection on your computer.
- To limit your exposure, always use the same computer for your financial information, and never use that computer for social media networking.
- Review all privacy and policy information.
- Avoid using your debit card online. At least personal credit cards offer liability protection under federal regulation. But business banking is not federally protected – it’s left up to individual banks, so check your bank’s policies regarding your company’s accounts.
- Don’t conduct financial transactions over WIFI.
- Don’t do mobile banking.
- If you get an e-mail allegedly from your financial institution, act like an all-pro football defensive end. Prevent an end run. Assume it’s a fraud. If you must communicate with your financial institution, make a telephone call or a personal visit.
- When doing your online banking, be sure to type in the financial institution’s Web address in your browser.
- Regarding the security questions, be creative and don’t list the right answer, which might be obvious to any hacker who learned about your personal situation.
- Check your financial accounts daily.
- If your account is compromised, quickly take appropriate action.
For your company’s management controls, Dr. Stahl has previously recommended taking six precautions:
- Don’t allow your employees to use your computers for social networking.
- Establish a list of allowable Web sites.
- Closely monitor your bank account.
- Train employees in social engineering awareness.
- Change the mindset of your managers and employees – if something seems odd, say no and call for Internet security.
- Strengthen your defenses.
Cybercriminals, I’m sad to say, are here to stay. Do your due diligence.
From the Coach’s Corner, here’s Dr. Stahl’s Web site.
“In a world in which the total of human knowledge is doubling about every ten years, our security can rest only on our ability to learn.”
– Nathaniel Branden