Share

Top 5 Stories

News

Security bugs plague ANZ Bank online statement service

12 January 2012

ANZ Bank has shut down its online bank statement service indefinitely after two security incidents in the span of a month.

This week, ANZ Bank discovered that online banking statements were sent to the wrong customers, prompting the Australian bank to suspend the online bank statement service. The bank also suspended the service before Christmas because of a different security bug, according to a report by the Australian newspaper.

“We became aware of an issue while reinstating online statements that meant a small number of customers may have been able to view another customer's statement. While we are only aware of a small number of instances we immediately decided to disable online statements until the issue is fully resolved”, a bank spokesman told the newspaper.

The spokesman said that only about 60 customers had been affected by the mistake, and the bank would compensate any victims of fraud associated with the breach.

In a Jan. 11 statement, Australian Privacy Commissioner Timothy Pilgrim commented on the ANZ Bank breach: “ANZ are continuing to keep me informed about their progress in investigating and resolving this matter. I am pleased to see that they promptly sought to notify affected customers and put in place steps to reduce any potential impacts on those customers. All organizations are encouraged to let us know if an incident like this occurs so that we can work with them to help them improve their practices.”
 

This article is featured in:
Application Security  •  Data Loss  •  Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×