Citibank plans to replace all of its customer debit cards involved in the data theft at Target. This makes Citibank the second major bank to do so since the breach was reported last month, according to The New York Times.
A person familiar with the bank's decision said the bank did not want to add a disruption during the December peak shopping season, so it did not reissue the debit cards last year. Citibank will start sending out the new cards soon, the report detailed.
Target originally said that 40 million customers were affected by the card information theft between November and mid-December when the retailer's in-store network was hacked. However, the company changed its statement last week to include other systems in the damage estimate. The said system stored the data of 70 million more clients. According to experts, it was one of the biggest consumer data theft, the report explained.
This week, Citi said the decision to reissue debit cards did not stem from a new fraud issue or another breach. Rather, it was just a precautionary measure, since encrypted PIN data had been compromised in the Target data breach, the report said.
In general, banks are responsible for charges made on credit cards that are stolen. Debit card users, however, can be reponsible for up to $500 worth of transactions, depending on when the fraud is reported, the news firm noted.
Federal authorities are now investigating the data thefts, The New York Times reported.
Join the Conversation