
Incident: CommBank sent 650 customer emails to wrong domain | iTWire

Australian Information Security Incident Reported: June 02 2018
About 10,000 customers of the Commonwealth Bank of Australia, the country’s biggest bank, may have had their personal information compromised due to emails being sent to the cba.com domain, instead of cba.com.au.
The bank said it had confirmed that none of this data had been used and that it was deleted from the cba.com email servers.
“From January 2017, we have been blocking internal emails addressed to the cba.com domain name.”