About 200,000 Citibank credit card customers in North America have had their names, account numbers and email addresses stolen by hackers who broke into Citi's account site.
Citigroup Inc. said it discovered that account information for about 1 percent of its credit card customers had been viewed by hackers. Citi has more than 21 million credit card customers in North America, according to its 2010 annual report.
The New York-based bank, which discovered the problem during routine monitoring, didn't say exactly how many accounts were breached. Citi said it was contacting those customers.
The bank said hackers weren't able to gain access to social security numbers, birth dates, card expiration dates or card security codes. That kind of information often leads to identity theft, where cyber criminals empty out bank accounts and apply for multiple credit cards. That can debilitate the finances and credit of victims.
Citi customers could still be vulnerable to other problems. Details about their bank accounts and financial information linked to them could be acquired using the stolen email addresses and account numbers.
Federal regulators have taken notice and are asking banks to improve security.
"Both banks and regulators must remain vigilant," said Sheila Bair, chair of the Federal Deposit Insurance Corporation. She said federal agencies, including the FDIC, are developing new rules to push banks to enhance online account access.
In an emailed statement, Sean Kevelighan, a spokesman for Citi, said the bank is contacting affected customers and enhancing procedures to prevent a similar security breach from happening again.