Connecticut reached a settlement with Citibank tied to a 2011 breach. The breach exposed more than 360,000 Citi-issued credit cards, including about 5,000 in Connecticut. Connecticut’s Attorney General notes the incident could have been prevented if Citi implemented stronger security controls. The settlement requires Citi to hire an independent third party to conduct an information security audit of its online banking platform. Citi also must provide appropriate notice and free credit monitoring for two years to any individual affected by future security incidents.”]
Source: https://www.cuinfosecurity.com/was-citi-breach-preventable-a-6042