subject: Citi Mobile' Updated to Address Security Flaw [print this page] Citi Mobile' Updated to Address Security Flaw
The Wall Street Journal reports that financialbehemoth Citigroup today revealed that asecurity flaw had been discovered in its Citi Mobile application for the iOS platform, a flaw that was patched in an update to the application released last week.
Quote:
In an incident that highlights the growingsecuritychallenges around wireless apps, Citi said its iPhone app accidentally saved personal account information in a hidden file on users' iPhones. Information that may have been stored includes their account numbers,bill payments andsecurityaccess codes.
The information may also have been saved to a user's computer if they synced their iPhone with a PC.
According to the report, there is no evidence that information could be or has been accessed by hackers, but nevertheless the company issued an update to the application last week that addresses the issue. While the update's App Store description does not specifically address thesecurityrisk, it does call the update a "mandatory upgrade" and notes that it containssecurityenhancements. The company also notified customers by letter on July 20th.
The Wall Street Journal reports that financialbehemoth Citigroup today revealed that asecurity flaw had been discovered in its Citi Mobile application for the iOS platform, a flaw that was patched in an update to the application released last week.
In an incident that highlights the growingsecuritychallenges around wireless apps, Citi said its iPhone app accidentally saved personal account information in a hidden file on users' iPhones. Information that may have been stored includes their account numbers,bill payments andsecurityaccess codes.
The information may also have been saved to a user's computer if they synced their iPhone with a PC.
According to the report, there is no evidence that information could be or has been accessed by hackers, but nevertheless the company issued an update to the application last week that addresses the issue. While the update's App Store description does not specifically address thesecurityrisk, it does call the update a "mandatory upgrade" and notes that it containssecurityenhancements. The company also notified customers by letter on July 20th.
The application has seen three other revisions since its March 2009 introduction, and it is unclear whether thesecurityissue has been present in all versions or if it was introduced sometime after the initial release.
The application has seen three other revisions since its March 2009 introduction, and it is unclear whether thesecurityissue has been present in all versions or if it was introduced sometime after the initial release.The Wall Street Journal reports that financialbehemoth Citigroup today revealed that asecurity flaw had been discovered in its Citi Mobile application for the iOS platform, a flaw that was patched in an update to the application released last week.
Quote:
In an incident that highlights the growingsecuritychallenges around wireless apps, Citi said its iPhone app accidentally saved personal account information in a hidden file on users' iPhones. Information that may have been stored includes their account numbers,bill payments andsecurityaccess codes.
The information may also have been saved to a user's computer if they synced their iPhone with a PC.
According to the report, there is no evidence that information could be or has been accessed by hackers, but nevertheless the company issued an update to the application last week that addresses the issue. While the update's App Store description does not specifically address thesecurityrisk, it does call the update a "mandatory upgrade" and notes that it containssecurityenhancements. The company also notified customers by letter on July 20th.
The application has seen three other revisions since its March 2009 introduction, and it is unclear whether thesecurityissue has been present in all versions or if it was introduced sometime after the initial release.
