According to the Commonwealth Bank representatives, two magnetic data tapes were lost, both stored customers’ records, including names, addresses, account numbers and transaction details from 2000 to 2016.
According to the broadcaster ABC, the data were supposed to have been destroyed when a sub-contractor after the dismantled a data centre. The sub-contractor did not provide the bank the documentation to confirm this the disruption of the magnetic data tapes, anyway the bank tried to downplay the situation confirming that the records don’t include passwords, PINs or other financial or sensitive information.
According to an independent forensic investigation conducted in 2016 “the most likely scenario was the tapes had been disposed of,” anyway it was not a data breach and banking systems were not compromised by attackers.
“We take the protection of customer data very seriously and incidents like this are not acceptable,” announced Angus Sullivan, acting group executive for the lender’s retail banking services.
“I want to assure our customers that we have taken the steps necessary to protect their information and we apologise for any concern this incident may cause.”
The Commonwealth Bank is continuing to monitor the accounts of the affected customers providing them full coverage against frauds and other fraudulent activities.
“The relevant regulators were notified in 2016 and we undertook a thorough forensic investigation, providing further updates to our regulators after its completion,” said Sullivan.
“We also put in place heightened monitoring of customer accounts to ensure no data compromise had occurred.
“We concluded, given the results of the investigation, that we would not alert customers.”
Prime Minister Malcolm Turnbull defined the case “an extraordinary blunder.”
“It’s hard to imagine how so much data could be lost in this way,” he said.
“Maintaining data security is of vital importance for everybody, whether it’s the private sector or governments and if there is a serious data breach or loss, the people affected should be advised so they can take steps to protect themselves,” he said.
The case is the last of a string of adverse events that affected the Commonwealth Bank. the banking giant “has been embroiled in claims it broke anti-money laundering and counter-terrorism financing laws and is also facing court over alleged rigging of the benchmark interest rate, which is used to set the price of domestic financial products.”
(Security Affairs – Commonwealth Bank, Data exposure)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.