Citibank victimized by hackers, insists cardholders are safe (http://nakedsecurity.sophos.com/2011/06/09/citibank-victimized-by-hackers-insists-cardholders-are-safe/)

"Security breaches happen, they're going to continue to happen ... the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments."

Pretty much how I feel about it.

-{ Quote: ""... the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments."" }-

I found the next sentence more interesting and more relevant;
"That may be true, but feeling secure is not the same as being secure.
How this information was acquired and why it wasn't protected against theft is a far more important question."

Marketing and PR can go a long way in making customers feel secure but they don't do anything for their actual security.

It's always extremely dangerous when a bank is hacked. Your financial identity is extremely essential for a successful life.

It amazes me how many of these banks and companies getting hacked have poor security and/or no encryption. TrueCrypt is free so they could have at least used it. It might not have prevented them from getting hacked but at least it would have kept the customers information out of their hands.

-{ Quote: "It amazes me how many of these banks and companies getting hacked have poor security and/or no encryption." }-
Despite the Money Banks own...:-\

-{ Quote: "It amazes me how many of these banks and companies getting hacked have poor security and/or no encryption. TrueCrypt is free so they could have at least used it. It might not have prevented them from getting hacked but at least it would have kept the customers information out of their hands." }-

TrueCrypt, like all other disk-encryption, only protects unmounted volumes !!
ie : The data is only inaccessible to illegitimate users when it is not accessible to legitimate users,
and since the banks probably need to access the data .. Well, I think you get the picture,
If a 'hacker' gains access to a network you may as well have him sit in front of one of the nodes on it !

-{ Quote: "TrueCrypt, like all other disk-encryption, only protects unmounted volumes !!
ie : The data is only inaccessible to illegitimate users when it is not accessible to legitimate users,
and since the banks probably need to access the data .. Well, I think you get the picture,
If a 'hacker' gains access to a network you may as well have him sit in front of one of the nodes on it !" }-
Then the only solution is to not put your money in a bank if you favor ease of use (access to data) over security.

Citibank's security was trivial at best:
http://www.h-online.com/security/news/item/Hackers-breached-Citibank-security-using-simple-URL-manipulation-1260964.html
No great hacking skills were involved.