Australian Bank Confirms Loss Of 20 Million Accounts

A major financial institution in Australia is currently in the grips of a major data breach, that has drawn condemnation from that country’s Prime Minister.

In what prime minister Malcolm Turnbull called “an extraordinary blunder”, the Commonwealth Bank of Australia (CBA) admitted that it had lost the records of nearly 20 million customer banks accounts.

This data breach is not as bad as the Equifax breach, that saw the details of 143 million US consumers, as well as nearly 700,000 UK consumers, stolen.

Missing tapes

But the CBA data loss has been compounded by the bank’s decision not inform its clients, until it force to do so after the potential breach was exposed in the Australian media.

CBA is already reportedly locked in a money laundering scandal in Australia, but when details of the breach emerged, CBA’s acting head of retail banking services, Angus Sullivan, took to Youtube to explain the “privacy incident from 2016.”

In May 2016 Sullivan admitted that the bank had lost two magnetic tapes containing 15 years of data on customer names, addresses and account numbers for 19.8 million accounts.

It seems that the tapes were due to be disposed of, but CBA could not confirm they were securely destroyed, Sullivan said.

However he did say that the bank has seen no evidence of any compromise of customer’s data, and the missing tapes did not contain PINs, passwords or other data that could enable account fraud.

He said that the bank informed its regulators and launched an internal investigation which found the tapes had “most likely been disposed of”.

The bank did not tell customers because “we balanced the need to alert customers without unnecessarily alarming them”, he said. He did say the decision not to inform customers was made in conjunction with Australia’s data protection watchdog.

Political condemnation

But others were less forgiving.

“This is an extraordinary blunder,” Prime Minister Malcolm Turnbull was quoted by Reuters as telling reporters. “It’s hard to imagine how so much data could be lost in this way. If that had happened today, the bank would have to advise each of their customers,” Turnbull added.

Breaches of banking data has happened on this side of the world as well.

Last summer, it was revealed that banks in the European Union that are directly regulated by the European Central Bank (ECB), have to compile with the incoming Global Data Protection Regulations (GDPR).

This contains breach notification requirements, where all organisations must report any form of data breach to authorities within 72 hours.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

11 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

12 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

13 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

15 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

17 hours ago

Trump’s Truth Social Makes Successful Market Debut

Shares in Donald Trump’s social media company rose about 16 percent after first day of…

18 hours ago