Skip to content

Citi Bike Glitch Leaks Customer Credit Card Details

July 24, 2013

Citi Bike data breach

By Gilbert Falso :: 12:06 AM

A glitch in the software behind New York City’s new Citi Bike initiative has resulted in the release of personal and financial information, including credit card numbers, of at least 1,000 Citi Bike users.

In a letter sent to Citi Bike users last week, it was revealed that a data breach occurred in April, but was not discovered or fixed until late May. The breach affected 1,174 users who were signed on for annual memberships in the bike sharing program. An annual membership costs $95.

The breach was possible because a system error log that contained personal data was made accessible for a short time on the public facing Citi Bike website. The file contained the names and contact details of riders, along with credit card numbers with security codes, passwords, birth dates, and security questions used to log into the service.

According to a statement released by Citi Bike, there is, “no evidence that any personal information was maliciously accessed or misused.” Citi Bike is currently working with a security contractor to investigate the breach, and will provide identity and credit monitoring services free of charge to those customers affected.