Read any good envelopes lately? If you did and you have criminal intent, you might have just won the identity-theft lottery.
Citibank representatives call it a processing error, which doesn’t sound too serious. But for more than half a million Citibank customers who received mail from the credit card company with their Social Security number printed on the outside of the envelope…it was more than a little disturbing.
Here’s what happened
In January, Citibank sent letters to 600,000 customers containing year-end tax information, including their Social Security numbers (SSNs). Somehow those SSNs were printed along with other information at the bottom of the envelopes, in plain sight. In reality, said Citibank, the numbers looked more like bank routing numbers because they were not identified as SSNs. Furthermore, they were not in the usual format of three digits, then two, then four, with the groupings separated by dashes; and they were printed along with other numbers and letters.
In mid-February, Norman White, Citibank’s executive vice president and director of client services, sent letters of notification and apology to every customer affected by the snafu. Citibank offered those customers free enrollment in a credit-monitoring service for 180 days.
One customer who received the Citibank letter told reporters at the Chicago Tribune that he would not be taking advantage of the credit monitoring service.
"It’s like small change compared to the effect of me getting my Social Security number compromised," said Ralph Remakel. "Who would really see it except the post office? But it’s not like it’s hidden in any way. What’s the easiest way to take someone’s identity? Their Social Security number."
Whether any actual harm comes to those customers of Citibank, the credit card giant is far from alone in such breaches. Approximately 100,000 people had their personal identification information stolen from the database of ChoicePoint (a data-collection company), and TJMaxx, Marshalls, and other retailers had to admit to the public that nearly 46 million customer credit card numbers had been stolen.
Citibank’s statement concerning the error
“We regret that a processing error caused the nine digits of some customers’ Social Security numbers to be printed on an envelope we sent to them in late January via the U.S. Postal Service. The digits were not identified as a Social Security number, and they were printed at the lower edge of the mailing envelope with other numbers and letters that together resembled a mail routing number. We believe there is little or no risk to our customers. The error has been corrected for all future mailings.
“Although there is little or no risk to our customers, we decided to be completely transparent to our customers by notifying them of the error. It is an important part of our commitment to our customers to be fully transparent and to give them the peace of mind that comes from banking with people they trust. Over several days, beginning early the week of the 15th, we sent notification letters to the customers involved, apologizing for the error and giving them the option of enrolling in a credit monitoring service at no cost to them.”