Australia’s most significant bank has actually been struck with a significant information breach.
GettyImages
Australia’s most significant bank has actually confessed to losing the monetary records of nearly 20 million consumer accounts after a subcontractor lost 2 magnetic tape drives including the information in 2016.
The Commonwealth Bank (CBA) validated the news on Thursday after Buzzfeed News exposed the breach, reporting that 12 million Australians– or half the Australian population– was impacted.
In a declaration, CBA stated the information consisted of consumer names, addresses, account numbers and 16 years of deal details utilized to print consumer account declarations (dating from 2000 to early 2016). CBA stated it notified Australia’s Privacy Commissioner when it ended up being mindful of the breach in May 2016, however “a decision was made not to alert customers.”
The magnetic tapes were lost by subcontractor Fuji Xerox throughout the procedure of decommissioning among CBA’s information centres. When CBA might not validate the tapes had actually been ruined, the bank worked with accounting company KPMG to perform a forensic examination. According to CBA, KPMG discovered the “most likely scenario was the tapes had been disposed of.”
However, Buzzfeed News reports that a person of the possible situations examined by KPMG was that the tapes fell off the back of a truck when they were being transferred to be ruined.
The bank states the information did not consist of passwords, PINs or other details that might “enable account fraud” and it was keeping an eye on the 19.8 million consumer accounts included for suspicious activity.
< div class ="shortcode video v2" data-video-playlist="[{" id="" be="" monsters:="" a="" guide="" to="" the="" dark="" web="" hackers="" criminals...="" is="" home="" some="" nasty="" things.="" so="" what="" exactly="" lies="" beneath="" internet="" we="" use="" every="" day="">
Watch this:
Here be monsters: A guide to the dark web
2:35
The incident represents one of the largest data and privacy breaches in Australian history and comes at a bad time for the bank.
Over the past two months, CBA has appeared before a major government-backed inquiry into misconduct in the banking industry, facing allegations of money laundering and charging fees to dead clients. Australia’s top financial regulator APRA released an excoriating report on CBA this week slamming a “widespread sense of complacency” at the bank, with Australia’s Treasurer Scott Morrison saying he expected top executives at CBA would step down.
In relation to this fresh privacy scandal, CBA said on Thursday “no evidence was found of any customer information being compromised, and over the past two years there has been no evidence of customer harm or suspicious account activity.”
But as breach after breach has shown us in recent months and years, customers are no longer just concerned about having traditionally sensitive details like passwords compromised.
In an era when identity theft is a growing threat and personal information is sold on the dark web as a valuable commodity, a data breach of this size is deeply concerning for customers. Criminals can build a detailed profile of a person with information like a name and address (not to mention 16 years of financial records) and a PIN isn’t needed to do serious damage.
While CBA continues to monitor accounts and reassures customers that the tapes were “most likely disposed of,” the concerning fact remains — we may never know.
CNET Magazine: Check out a sample of the stories in CNET’s newsstand edition.
Rebooting the Reef: CNET dives deep into how tech can help save Australia’s Great Barrier Reef.
