Citigroup Inc. has told its U.S. mobile banking customers they should upgrade to a new application for Apple Inc.'s iPhone after the bank's original version was found to have a security flaw.
In an incident that highlights the growing security challenges around wireless apps, Citi said its iPhone app accidentally saved personal account information in a hidden file on users' iPhones. Information that may have been stored includes their account numbers, bill payments and security access codes.
The information may also have been saved to a user's computer if they synched their iPhone with a PC.
It wasn't clear whether the information was stored in an area that could have been accessed by a hacker, but Citi said it doesn't believe the data was breached and said its new app corrects the problem.
"We have no reason to believe that our customers' personal information has been accessed or used inappropriately," Citi said.
Citi said its new app, released July 19, deletes account information that may have been saved to users' iPhones or computers.
Citi said the problem was discovered in a routine security review. Citi notified customers of the problem in a July 20 letter. Other Citi iPhone apps, such as the app for credit card customers, weren't affected, Citi said.
