The Citibank Building in New York.

Mark Lennihan, Associated Press

Data theft at Target leads Citibank to replace debit cards

  • Article by: NATHANIEL POPPER
  • New York Times
  • January 16, 2014 - 5:36 AM


Citibank plans to reissue all customer debit cards involved in the data breach at Target, making it the second major bank to do so since the attack was disclosed last month.

The bank did not replace the debit cards sooner because it wanted to minimize disruptions during the holiday shopping season, according to a person briefed on the company’s decision who spoke on the condition of anonymity. It will begin sending new cards soon.

Minneapolis-based Target initially said that card information from 40 million customers was stolen between late November and mid-December when its in-store network was hacked. Last week, the company revised its damage estimate to include other systems, which stored the personal data of 70 million more customers, with possible overlap, including people who may not have shopped at Target recently.

Citi said its decision this week was not motivated by any new surge of fraud or by additional information on the breach but was a precautionary measure.

JPMorgan Chase & Co. took a step similar to Citi’s just a few days after the data breach was made public in December. JPMorgan ultimately replaced 2 million of its 23 million debit cards. Neither JPMorgan nor Citi is conducting a wholesale reissue of credit cards, which are harder to defraud quickly.

© 2018 Star Tribune