Apple iPhone users who have the Citigroup application installed have been urged to add an upgrade after a security flaw was discovered.
The bank said that its application accidentally saved information including account numbers, bill payments and security access codes in a hidden file on users' iPhones. The information may also have been saved to a user's computer if it had been synched with an iPhone, according to the Wall Street Journal.
It is believed that approximately 117,600 customers have downloaded the Citigroup application since its launch in March 2009, however the bank does not believe any personal data was exposed by the flaw.
A Citigroup statement emailed Monday to SCMagazineUS.com, said: “This update deletes any Citi Mobile information that may have been saved to their iPhone or computer, and it eliminates the possibility that this will occur in the future."
Citigroup said its mobile banking app is the only application authorised to access the hidden data and that it performed security tests before and after releasing the application, but failed to detect a problem. It said that the problem was discovered in a routine security review and told customers of the problem in a letter dated 20th July. Other Citigroup mobile apps such as the app for credit card customers were not affected, it said in a statement.
Apple has acknowledged the issue and encouraged users to download the updated app.