Citigroup Inc., the third-largest U.S. bank, won dismissal of a suit in which cardholders claimed the bank failed to take adequate steps to prevent a computer security breach that affected more than 360,000 accounts.
Kristina and Steven Orman of Northport, New York, sued Citigroup in federal court in Manhattan in October, seeking to represent victims of the hacking in a class-action, or group, lawsuit. They claimed they were victims of identity theft and money was stolen from their bank account and their credit cards following the breach.
U.S. District Judge Deborah Batts in Manhattan today ruled that the dispute should be decided by an arbitrator. She said the plaintiffs didn’t dispute that they had entered into an arbitration agreement with the bank. She also said the lawsuit didn’t assert any claims under federal law.
“Dismissal of this action is therefore warranted,” the judge said in the order.
Citigroup said in June 2011 that the breach, affecting 1.5 percent of its card customers in North America, was discovered at Citi Account Online during routine monitoring. Customers’ names, account numbers and e-mail addresses were viewed, Citigroup said.
“We are pleased with the court’s ruling in this matter,” Emily Collins, a spokeswoman for New York-based Citigroup, said in statement. “We will not comment further because this matter may continue in arbitration.”
The case is Orman v. Citigroup Inc., 11-cv-7086, U.S. District Court, Southern District of New York (Manhattan).