The loss itself occured in 2016 when a subcontractor (Fuki Xerox) seemingly misplaced the data stored on tape drives. The tapes contained customer names, addresses, account numbers and transaction details from 2000 to early 2016.
CBA's acting Group Executive, Retail Banking Services, Angus Sullivan accepted responsibility on YouTube after BuzzFeed Australia broke the story on Wednesday. Others suggest that a person tasked with destroying the tapes might have left them unattended. We also put in place heightened monitoring of customer accounts to ensure no data compromise had occurred.
In relation to this fresh privacy scandal, CBA said on Thursday "no evidence was found of any customer information being compromised, and over the past two years there has been no evidence of customer harm or suspicious account activity".
The tapes were due to be disposed of, but CBA could not confirm they were securely destroyed, Sullivan said.
Customers of Commonwealth Bank in Australia are receiving messages about major data loss at the financial institution.
Air National Guard C-130 carrying 9 involved in deadly crash
It was flying from the coastal city of Savannah, Georgia to Tucson, Arizona, where it was to be decommissioned. The Savannah Professional Firefighters Association said it was a C-130 airplane, a military cargo aircraft.
The OAIC is now seeking more assurances from the bank and a statement was released by the organization in this regard.The Office of the Australian Information Commissioner (OAIC) is now seeking more assurances from the bank that it has learnt from the massive data breach. There have been numerous reports of counterfeit credit cards and identities from CBA-owned BankWest available for sale on the dark web, and staff members were sacked from the WA bank in 2014 for selling documents. The tapes did not contain passwords, PINs or other data which could be used to enable account fraud. It did not tell customers because "we balanced the need to alert customers without unnecessarily alarming them", he said.
"Even when you are not required to make an individual notification to affected individuals, I think it will often be prudent for organisations to make some kind of public announcement that they have had an incident and [explain] how they have addressed it", Mr Leonard said.
Buzzfeed has since claimed the OAIC is now making further inquiries, following a report by the banking regulator that slammed the bank for its "widespread sense of complacency".
The bank believes the data was most likely destroyed but can not confirm that is the case.
Commenting on the incident, the Australian Prudential Regulation Authority said that community trust in CBA had been "badly eroded" and the bank had "fallen from grace".
However, Mr Sullivan said the OAIC contacted the bank this week seeking more information about the possible breach.
- Ashley Judd sues Harvey Weinstein, says tried to hurt career
- Diseases from mosquitoes, ticks on the rise — CDC
- Passengers Escape Death As Alaska Airline Makes Emergency Landing
- Ana Navarro: Give Nobel Peace Prize To Michelle Wolf For WHCD Gig
- Lords vote to allow United Kingdom parliament to block Brexit 'no deal'
- May Marks The Start Of Severe Weather Season In Colorado
- Gun restrictions at NRA convention spark 'irony' outcry
- Adamawa government confirms 27 people dead in Mubi bomb blasts
- USA crude rises on concern over Iran sanctions, Venezuelan output
- Cavaliers vs. Raptors Game 1