Story image

CommBank says no evidence customer data was compromised in 2016 breach

03 May 18

The Commonwealth Bank of Australia says there’s no evidence that customer information was compromised in a data breach incident last year and customers don’t need to take any action.

The breach occurred in May 2016 when the bank couldn’t confirm that two magnetic tapes were destroyed, despite being scheduled for destruction.

The tapes were used by a supplier to print bank statements and contained personal information including customer names, addresses, account numbers, and transaction details.

The bank stresses that the tapes did not contain password or PINs, which could be used for fraud. The bank’s own platforms, systems, services, apps, and websites were not compromised.

“We deployed enhanced reporting and ongoing monitoring of customer accounts to ensure customers were protected. These protections are still in place today,” Commonwealth Bank’s acting group executive of Retail Banking Services, Angus Sullivan, says in an email to customers.

 “CommBank offers you a 100% security guarantee against fraud for all your accounts, where you are not at fault. We cover any loss should someone make an unauthorised transaction,” Sullivan says.

The incident paints a clear picture that data breaches don’t necessarily need to be conducted through the internet.

According to ShareRoot, a user-generated content legal rights management software firm, the breach highlights the change in how consumer data will be handled moving forward.

ShareRoot's CEO Noah Abelson-Gertler says the breach also shows that companies collect ‘far more data’ than people realise.

"Consumer consciousness is reaching an abrupt shift. Data sharing, privacy, and breaches, are terms that are getting headlines in newspapers and continue to maintain leading spots on search platforms and social media sites. Bad actors are in the business of hacking into databases and causing breaches because they see the value of the data. The more the breaches, the more the public consciousness increases,” Abelson-Gertler explains.

"There will be more breaches, companies will continue to scramble to improve their data practices, and consumers will keep calling for an overhaul to how companies collect their data and who has control over it."

The Commonwealth Bank offers these tips:

  • Continue using your accounts as you always have.
  • Please remember that CommBank staff will never ask you to divulge your passwords or PINs. We do not send emails with links requesting you to confirm, update or disclose your confidential banking information.
  • If you have questions or would like to discuss, please call us at 1800 316 433.
  • If you would like to find more information you can visit www.commbank.com.au/customerassurance

“I want to apologise for any concern this incident may have caused. If there is any change in circumstances I will let you know,” Sullivan concludes.

The secret to scaling DevOps in the digital era
"Organisations around the world have learnt at a cost that while agile DevOps methodologies can result in improved outcomes within teams and projects, they have a propensity to fail miserably."
APAC FinTech network launches to encourage cross-border innovation
Nine associations formally launched the network by signing a Statement of Intent at the Asian Financial Forum event in Hong Kong.
New blockchain solution aims to keep our food ethical
OpenSC enables anyone to scan product QR codes which automatically takes them to information about where a specific product’s journey.
Avaya expands AI offerings with new partnerships
The additions to the ecosystem will enable Avaya to add prioritisation and natural language processing to its UC solutions.
Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
SUSE partners with Intel and SAP to accelerate IT transformation
SUSE announced support for Intel Optane DC persistent memory with SAP HANA.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."