Citi, B of A Card Customers Hit by Merchant Data Breach

Register now

Citigroup Inc. and Bank of America Corp. closed some of their card customers' accounts this week, citing data breaches at unidentified retailers.

It was not immediately clear if both banks' customers were affected by a security failure at the same merchant.

Citigroup deactivated some credit cards on Thursday and told the affected customers that it had been informed of a security breach at a retailer, according to one person whose credit card was deactivated.

Citigroup's customer service representative would not identify the merchant, the affected customer said.

Citigroup spokesman Sean Kevelighan said in an email that there was "no specific incident causing the re-issues," but said that Citigroup often reissues credit or debit cards "due to a security concern reported at a merchant or merchants where the customer used the card."

He added that merchant security breaches increased in 2010, "and as a result, we are seeing a higher amount of fraud trending. This increasing trend has prompted us to re-issue a larger amount of cards."

Separately on Thursday, Bloomberg reported that Bank of America sent some customers new debit cards this week, "after accounts may have been compromised at a merchant."

Spokeswoman Betty Riess told American Banker that B of A did not necessarily know which merchant was responsible for the breach. The banks receive information on potential fraud from card networks Visa Inc. and MasterCard Inc., but those alerts do not include the names or locations of the merchants where the fraud takes place, she said.

Riess would not say how many cards Bank of America had reissued or whether the bank's credit card customers were also affected.

For reprint and licensing requests for this article, click here.