NEW YORK — About 200,000 Citibank credit card customers in North America have had their names, account numbers and e-mail addresses stolen by hackers who broke into Citi's online account site.
Citigroup said Thursday it discovered that account information for about 1 percent of its 21 million North American credit card customers had been viewed by hackers. Citi said it was contacting those customers.
The bank said hackers weren't able to gain access to Social Security numbers, birth dates, card expiration dates or card security codes.
That kind of information often leads to identity theft, where cyber criminals empty out bank accounts and apply for multiple credit cards. That can debilitate the finances and credit of victims. Citi customers could still be vulnerable other problems.
Details about their bank accounts and financial information linked to them could be acquired using the e-mail information and account numbers hackers stole.
The Citi data breach was the latest in a series of recent high-profile data attacks against several major companies.
• On June 1, Google said that the personal Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists, had been breached.
• On May 30, broadcaster PBS confirmed that hackers cracked the network's website and posted a phony story claiming dead rapper Tupac Shakur was alive in New Zealand.
• On May 28, defense contractor Lockheed Martin said it had detected a "significant and tenacious attack" against its computer networks. The company said it took swift and deliberate actions to protect the network and the systems remain secure.
• In April, media and electronics company Sony Corp.'s PlayStation Network was shut down after a massive security breach that affected more than 100 million online accounts.
The number of data breaches in the past two months sets a "high water mark," said John Ottman, chief executive of Application Security, a New York firm that specializes in securing databases, the big repositories companies use to organize account information and other data.
"Attackers have realized that most organizations have not properly protected databases," Ottman said.
Cyber attackers have a variety of less-dangerous motivations, from mischief to online activism. But often such data breaches are an attempt to steal personal data, which is likely the case with Citi.
Hackers also will pose as legitimate companies in a tactic known as phishing, where they try to get users to supply additional information such as Social Security numbers and e-mail or bank passwords to get access to their financial information.
Sean Kevelighan, a spokesman for Citi, said the bank is contacting affected customers and enhancing procedures to prevent a similar security breach from happening again.
"For the security of these customers, we are not disclosing further details," he said.