WASHINGTON — A member of the Senate Banking Committee is calling for an investigation into a data breach at Citigroup.
Sen. Robert Menendez, D-N.J., sent a letter Wednesday to Acting Comptroller John Walsh asking the Office of the Comptroller of the Currency to disclose what steps it has taken to work with Citigroup to remedy the situation, whether it was aware of the breach when it first occurred, whether it believes privacy laws were violated, and whether penalties may be appropriate.
Press reports have said that Citigroup waited as long as three weeks before notifying customers that computer hackers had accessed account information, including card numbers and email addresses, for about 200,000 customers.
"If true, this delay is simply unacceptable," Menendez wrote. "As Citigroup's primary regulator with jurisdiction for data security issues, I hope that you also believe this to be unacceptable for consumers."
Menendez has introduced legislation that would increase research and development efforts to strengthen cybersecurity for federal networks, and better enable the government, universities and private sector to collaborate and easily share information about cyberattacks.