Incident: Australia’s Largest Bank Lost The Personal Financial Histories Of 12 Million Customers | BuzzFeed

Posted by Steven Kirby | May 2, 2018 | APP Australian Privacy Principles, Australia, Australian InfoSec Incident, Australian InfoSec Incidents 2018, Banking and Finance, BuzzFeed, Data Loss, Privacy | 0 |

Australian Information Security Incident Reported: May 02 2018

The Commonwealth Bank lost the personal financial histories of 12 million customers, and chose not to reveal the breach to consumers, in one of the largest financial services privacy breaches ever to occur in Australia.

While the issue was revealed publicly last week, it took place in 2016 when the Commonwealth Bank hired a subcontractor to destroy the backup tapes while they were decommissioning a data center. The bank investigated the incident and after it didn’t get acknowledgement about destroying the data tapes.

“The tapes did not contain passwords, PINs or other data which could be used to enable account fraud,” it said.

Source: Australia’s Largest Bank Lost The Personal Financial Histories Of 12 Million Customers

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Audit: Australian Senate Estimates reveal 435 Chinese-made surveillance devices found at defence sites
by Steven Kirby on June 4, 2023
Defence Internal Audit Finding 31 May 2023 Australian Senate questioning reveal 435 Chinese-made surveillance devices found at defence sites Defence …
Steven Kirby on LinkedIn: The Essential Eight Cyber Security Guidelines | Microsoft
by Steven Kirby on June 4, 2023
https://lnkd.in/gZAjz-vm
Nivedita Newar on LinkedIn: Mandatory Cyber Incident Reporting Obligation
by Nivedita Newar on June 4, 2023
Awareness Refresher: If you are a cyber security team member in any role working for any of the 13 critical infrastructure sectors under the SOCI Act…
The Essential Eight Cyber Security Guidelines | Microsoft
by Microsoft on June 4, 2023
The Essential Eight cyber security guidelines for business Malicious cyber activity is increasing in frequency, scale, and sophistication throughout …
Breaking Down the Security of Critical Infrastructure Act
by Wouter Veugelen on June 2, 2023
On 17 February 2023, the Critical Infrastructure Risk Management Program (CIRMP) requirements came into effect. The clock is now ticking for more …
An interview with Gilbert Tobin discussing artificial intelligence in Australia
by Gilbert + Tobin on June 2, 2023
...will apply in respect of any personal information or sensitive information (as defined in the Privacy Act) that is ingested in or used by an AI …
Death and digital assets - Decoding digital assets in estate administration
by Ilana Kacev on June 2, 2023
The ever-evolving digital landscape has changed the concept of what an asset is, beyond that of mere physical possessions to now including numerous …
Regulatory focus on combatting scams and strengthening cyber resilience continues
by Kate Hilder on June 2, 2023
We outline the latest announcements from APRA and ASIC As previously reported, following a record year for consumer scam losses, regulators, have …
Services Australia sharing password-crackers with Dept of Education
by Jeremy Nadel on June 2, 2023
Services Australia has provided smartphone-hacking technology to the Department of Education and other unnamed agencies to assist them in …
Toyota does U-turn, confirms thousands of Australian customers hit by latest data breach
on June 1, 2023
A fortnight after its most recent customer data breach in Japan, Toyota Australia has confirmed the details of almost 3000 local owners were exposed …

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

Featured

Incident: Thousands of identifiable Northern Territory patient health files sent to overseas-based software vendor in government data breach | ABC News (Australia)

Featured

Incident: Drug and alcohol tests of graduate paramedics revealed in Ambulance Victoria data breach | The Guardian

Incident: TechnologyOne investigates 'cyber incident' on M365 system | iTnews

Incident: Crown Princess Mary Cancer Centre in Westmead Hospital in cyber attack, hackers threatening to release stolen data | ABC News (Australia)

Incident: Australian law firm HWL Ebsworth hit by Russian-linked Blackcat ransomware attack | The Guardian

Featured

Audit: Australian Senate Estimates reveals 435 Chinese-made surveillance devices found at defence sites

Featured

Audit: Western Australia Auditor General's Local Government Information Security Audit 2021-22 reports 324 control weaknesses

Audit: Western Australia Auditor General's State Government Information Systems Audit 2021-22

Audit: Queensland Audit Office's State Entities 2022 reports deficiencies in information systems

Audit: Victoria audit warns of weak IT controls in council systems | iTnews

Featured

Quote: Elijah Shaw "In the battle of real world vs..."

Featured

Quote: Kirsten Manthorne "You are an essential ingredient in our ongoing effort to reduce Security Risk.”

Quote: H. Stanley Judd "The ultimate security is your understanding of reality."

Quote: Gilda Radner "There is no real security except for whatever you ..."

Quote: Germaine Greer "Security is when everything is settled, when nothing ..."

Incident: Australia’s Largest Bank Lost The Personal Financial Histories Of 12 Million Customers | BuzzFeed