Citi, Apple Disclose iPhone App Security Flaw
Beware, mobile bankers: Citigroup is encouraging Apple iPhone owners who downloaded the company's mobile banking app to upgrade to a patched version after a security flaw was found.Banking giant Citigroup and iPhone maker Apple are encouraging users who downloaded Citi's banking application for the smartphone to upgrade to a new version after a security flaw was discovered in the application. The flaw accidentally saves personal information, including access codes, bill payment information and even bank account numbers, onto the iPhone or any computer it has been synchronized with. "During a recent review, we discovered that our U.S. Citi Mobile iPhone banking app was accidentally saving information related to customer accounts in a hidden file on their iPhones," the company announced in a statement. "This information may also have been saved on their computer if they had been synchronizing their iPhone with their computer via iTunes."
The Wall Street Journal reported approximately 117,600 customers has been affected by the flaw since the app was launched in Apple's App Store in March 2009, although the paper's unnamed source said no personal data was exposed. "We have no reason to believe that our customers' personal information has been accessed or used inappropriately by anyone," the paper quoted the company as saying.