Citibank plans to reissue all customer debit cards involved in the data breach at Target, making it the second major bank to do so since the attack was disclosed last month.
The bank did not replace the debit cards sooner because it wanted to minimize disruptions during the holiday shopping season, according to a person briefed on the company's decision who spoke on the condition of anonymity. It will begin sending out new cards soon.
(Read more: JPMorgan limits debit cards used at Target)
Adam Jeffery | CNBC
Target initially said that card information from 40 million customers was stolen between late November and mid-December when its in-store network was hacked.
Last week, the company revised its damage estimate to include other systems, which stored the personal data of 70 million more customers, with possible overlap, including people who may not have shopped at Target recently. Experts say it was one of the largest thefts of consumer data.
Citi said its decision this week was not motivated by any new surge of fraud or by additional information on the breach but was a precautionary measure. Still, Citi's move highlighted the potential for continuing damage to consumers, banks and Target as data stolen in the breach may keep leaking into the black market.
(Read more: )
Neiman Marcus also disclosed late last week that its systems had been breached, although it has not revealed how widespread the theft was.