Oh, shoot, I hate when my credit card information becomes accidentally exposed by a computer glitch. Fortunately, I also hate exercise and the feel of wind in my face. More than 1,000 Citi Bike account holders aren’t so lucky, as they learned last week via friendly letter alerting them that there was a security breach in the bike sharing program’s software system and—surprise!—they were one of the members affected.
According to City of Transportation spokesperson Seth Solomonow, the glitch occurred on April 15 and was discovered and corrected “at the end of May,” though a letter received by a customer and reviewed by The Wall Street Journal was dated July 19. Why did it take so long to notify those whose personal and financial information were jeopardized? No one seems to know. “The Mystery of the Time Lapse When Telling People Bad News” would make a good name for a detective novel.
The source of the problem has been traced back to an “error log,” NYC Bike Share LLC reports, which made names, contact info, birth dates, credit card numbers, security codes and passwords “briefly accessible” for 1,174 customers. Solomonow explained to the WSJ via email: “While there is no evidence that any personal information was maliciously accessed or misused, NYC Bike Share engaged a security firm to investigate and recommend appropriate steps to make notifications and safeguard its customers, including to provide identity and credit monitoring free of charge.” The moral of the story? Never ride a bike or trust a computer.
Follow Lauren Beck on Twitter @heylaurenbeck.