More bad news relating to CBA. They have confirmed the loss of data relating to almost 20 million accounts. The event happened in 2016, and they decided not to inform customers, as the data “most likely” had been destroyed.
The Commonwealth Bank has confirmed it lost the historical financial statements of almost 20 million accounts, but insists its customers’ information has not been compromised.
The statements, containing customers’ names, addresses, account numbers and transaction details from 2000 to 2016, were stored on two magnetic tapes which were lost by sub-contractor Fuji-Xerox last year.
When the bank became aware of the incident, it said, it ordered an independent “forensic” investigation to figure out what had happened and informed the Office of the Australian Information Commissioner (OAIC).
The inquiry, conducted by KPMG, determined the tapes had most likely been disposed of.
Commonwealth Bank’s Angus Sullivan described the incident as “unacceptable” but said the tapes did not contain any passwords or PINs that could compromise customers’ accounts.
CBA said:
Following recent media reports detailing an incident in May 2016, we want to reassure you there is no evidence of your information being compromised and you do not need to take any action.
Here is what you need to know:
- There is no evidence that any customer information was compromised.
- In May 2016 we were unable to confirm the scheduled destruction of two magnetic tapes used by a supplier to print bank statements. These tapes contained information including customer names, addresses, account numbers and transaction details.
- They did not contain passwords or PINs which could enable fraud.
- We deployed enhanced reporting and ongoing monitoring of customer accounts to ensure customers were protected. These protections are still in place today.
- This was not cyber-related. CommBank’s technology platforms, systems, services, apps and websites were not compromised.
- CommBank offers you a 100% security guarantee against fraud for all your accounts, where you are not at fault. We cover any loss should someone make an unauthorised transaction.