However, other personally identifying information, such as customer dates of birth, social security numbers, card expiration dates and CVV codes, were not compromised in the hack, Citi said.