The Wall Street Journal reports that Citigroup has disclosed a security flaw in its free U.S. mobile-banking application for iOS devices.
Citi has indicated that the iOS app inadvertently saves information such as account numbers, bill payments and security access codes on users’ iOS devices and that this information may also be saved to a users’ desktop computer as part of the iTunes backup created during the sync process. The issue is reported to have affected approximately 117,600 Citigroup customers who have registered the iPhone app with Citi since its March 2009 launch, however the bank does not believe that any personal data has actually been exposed by the flaw.
Citi has sent out letters to customers advising them of the security issue and directing users to download the newest version of the Citi Mobile app as a mandatory update. The latest version of Citi Mobile addresses this issue and also provides iPod touch support for credit card customers and other bug fixes.