cyber Breach

Commonwealth Bank

May 11, 2023 1 min read
Commonwealth Bank

The Commonwealth Bank lost the personal financial histories of 12 million customers and chose not to reveal the breach to consumers.

It happened after a subcontractor lost several tape drives containing the financial information in 2016.

Personal banking statements contain potentially sensitive personal information and can paint a detailed portrait of the financial and personal affairs of a person which could potentially be misused by organized crime groups.

The information disclosed in the breach did not contain anything that could directly compromise accounts, such as passwords or PIN numbers.

The bank then undertook significant steps to attempt to retrieve the information.

Source: https://www.buzzfeed.com/paulfarrell/australias-largest-bank-lost-the-personal-financial?utm_term=.phlRGJD9b#.bjKQjmyko

TPRM report: https://scoringcyber.rankiteo.com/company/commonwealthbank

"id": "com234728722",
"linkid": "commonwealthbank",
"type": "Data Leak",
"date": "05/2018",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '12 million',
                        'industry': 'Banking',
                        'name': 'Commonwealth Bank',
                        'type': 'Financial Institution'}],
 'attack_vector': 'Loss of Physical Media',
 'data_breach': {'number_of_records_exposed': '12 million',
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personal financial histories',
                                              'sensitive personal '
                                              'information']},
 'description': 'The Commonwealth Bank lost the personal financial histories '
                'of 12 million customers and chose not to reveal the breach to '
                'consumers. It happened after a subcontractor lost several '
                'tape drives containing the financial information in 2016. '
                'Personal banking statements contain potentially sensitive '
                'personal information and can paint a detailed portrait of the '
                'financial and personal affairs of a person which could '
                'potentially be misused by organized crime groups. The '
                'information disclosed in the breach did not contain anything '
                'that could directly compromise accounts, such as passwords or '
                'PIN numbers. The bank then undertook significant steps to '
                'attempt to retrieve the information.',
 'impact': {'data_compromised': ['personal financial histories',
                                 'sensitive personal information']},
 'response': {'remediation_measures': ['attempt to retrieve the information']},
 'title': 'Commonwealth Bank Data Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.