Australia’s Commonwealth Bank Lost Financial Data of 12 Million Accounts

Two magnetic tapes containing transaction details for 12 million accounts that belong to Australia’s Commonwealth Bank are missing. This incident is perhaps the largest data loss in Australia. Curiously, the incident stayed under the radar for two years – until Buzzfeed published a report about it just a few days ago.

How Did the Data Go Missing?

The Commonwealth Bank lost the personal financial histories of 12 million customers, and chose not to reveal the breach to consumers, in one of the largest financial services privacy breaches ever to occur in Australia, Buzzfeed uncovered. The incident happened after a subcontractor lost several tape drives with the financial data in 2016.

While the bank initially notified the Office of the Australian Information Commissioner (OAIC) of the breach shortly after it became aware of it in 2016, a spokesperson for the OAIC told BuzzFeed News it was now making further inquiries into the privacy breach, following a damning report into the bank’s culture released on Tuesday.

Angus Sullivan, Commonwealth Bank’s acting group executive of retail banking services has said in a statement that the bank takes the protection of customer data very seriously and incidents like this are not acceptable. The bank is also reassuring their customers that no action is required, apologizing for any concern the incident may have caused.

We undertook a thorough forensic investigation, providing further updates to our regulators after its completion. We also put in place heightened monitoring of customer accounts to ensure no data compromise had occurred,” Sullivan said in the statement.

An investigation was started on May 9, 2016, after the bank didn’t receive any certification about the tapes being destroyed.

Magnetic Tape Data Not Easy to Exploit, Troy Hunt Says

Commonwealth Bank started notifying (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Milena Dimitrova. Read the original post at: