Friday, January 18, 2019
Text Size

Site Search powered by Ajax

Australia's Commonwealth Bank admits 2016 data breach

Revelation comes as country's financial sector faces intense scrutiny by royal commission searching for misconduct.

Australia's Commonwealth Bank lost the bank records of almost 20 million people and decided not to reveal the breach to customers upon discovery since 2016, according to news media reports.

The bank admitted its mistake on Wednesday night after Buzzfeed News broke the story. It reported that 12 million - half the Australian population - was affected.

Commonwealth Bank, Australia's biggest bank, said it lost two magnetic data tapes that stored names, addresses, account numbers and transaction details from 2000 to 2016.

They were meant to be destroyed by a subcontractor in May 2016, according to national broadcaster ABC, but the bank never received documentation for confirmation.

The bank assured customers that their passwords and PINs that could be used for fraud remain intact.

It also emphasised that "no evidence was found of any customer information being compromised".

Angus Sullivan, the bank's acting group executive for retail banking services, released an official statement on Wednesday.

"We take the protection of customer data very seriously and incidents like this are not acceptable," he said.

"I want to assure our customers that we have taken the steps necessary to protect their information and we apologise for any concern this incident may cause."

Forensic investigation

Commonwealth Bank initially notified the Office of the Australian Information Commissioner of the breach shortly after it occurred.

Sullivan said the bank undertook a thorough forensic investigation and provided updates to its regulators.

It also hired accounting firm KPMG to conduct a search to find the missing tape drives, but found no trace.

The forensic team formulated the view that the data had most likely been destroyed, without conclusive evidence.

Only 150 people in the organisations, including risk specialists and senior executive team, were aware of the breach when it occurred.

The bank considered notifying the customers, but ultimately decided that the risk of misuse or discovery of data was low, according to Buzzfeed News.

Ian Narev, the bank's former CEO, who was in charge at the time of the breach, resigned in August 2017.

Over the past two months, the Commonwealth Bank faced has allegations from the government of money laundering and collecting fees from customers that it knew had died.

The breach is the latest scandal in Australia's financial industry.

The revelation comes at a time when Australian banks are under unprecedented scrutiny by a royal commission searching for misconduct.

blog comments powered by Disqus

Subscribe via RSS or Email:

Amazon HQ2 'to be split over New Yo...

Read More

Saudi to cut oil exports by 500,000...

Read More

European Union extends sanctions on...

Read More

What is SWIFT and why it matters in...

Read More

Bin Salman launches Saudi Arabia's ...

Read More

China's Xi pledges to lower tariffs...

Read More

Most Read Articles

Most Read News


Thanks to all of our supporters for your generosity and your encouragement of an independent press!

Enter Amount:



Login reminder Forgot login?

Subscribe to MWC News Alert

Email Address

Subscribe in a reader Facebok page Twitter page

Israel pounds Gaza

India's Kerala state devastated

Capturing life under apartheid