Citigroup has admitted that its free iPhone app – Citi Mobile contains a major security flaw that “accidentally” saves users personal account information in a hidden file on their iPhone. The company has rolled out an updated version of the app and is urging its customers to upgrade ASAP. The accidentally stored information includes account numbers, [...]
Citigroup has admitted that its free iPhone app – Citi Mobile contains a major security flaw that “accidentally” saves users personal account information in a hidden file on their iPhone. The company has rolled out an updated version of the app and is urging its customers to upgrade ASAP.
The accidentally stored information includes account numbers, bill payments and security access codes. What’s worse, this information is also saved to user’s computer if it had been synched with an iPhone. WSJ reports that the security hole affects nearly 117,600 customers who had registered the iPhone app with Citi since its launch in March 2009.
The Citi Mobile app is currently the 11th most-popular offering in the finance category of Apple’s App Store and Citibank has nearly 800,000 mobile customers. The app was developed in partnership with MFoundry, a mobile financial services provider based in Larkspur, California.
Citi says it fixed the bug and informed customers within 24 hours of discovering the issue. Though the bank says that any personal data was not exposed by the flaw, I beg to differ. If a user’s computer is infected with a worm/ trojan, there is a strong likelihood of user’s personal information being compromised. What’s worse, hackers can create malware apps to retrieve user’s personal information stored on their iPhone.
The only saving grace for Citi is that it managed to fix the issue sooner than later. The updated version of the app will erase the previously stored information and is listed as a ‘mandatory’ update for customers on the app store. The fix will also eliminate the possibility of the problem resurfacing in future. Natalie Riper, a Citibank spokesperson, says, “We have no reason to believe that our customers’ personal information has been accessed or used inappropriately by anyone, i.e., there has been no data breach.”
Click here to learn more about Citi Mobile® for the iPhone. Do you use the Citi Mobile iPhone app? If so, have you updated your iPhone app?
Olivia Wilde
Megan Fox
No comments:
Post a Comment