Commonwealth Bank blunder leaks customer account details

[security curmudgeon <jericho () attrition org>]

[Older incident, courtesy of A.P.]

---------- Forwarded message ----------

Commonwealth Bank blunder leaks customer account details

Article from: The Courier-Mail
http://www.news.com.au/couriermail/story/0,27574,25547350-3102,00.html

Anna Caldwell

May 28, 2009 12:00am

THE private financial details of 19 Queenslanders have been leaked in an 
embarrassing privacy breach by the nation's biggest bank.

Jimboomba resident Darren Starkey was shocked to receive more than 40 
pages of Commonwealth Bank customers' April financial statements when he 
received his own in the post on May 21.

The statements detailed the names, addresses, bank account numbers, loan 
details and financial transactions of 19 people who were unknown to Mr 
Starkey and lived throughout the state.

"I was shocked when I opened the envelope and found all these people's 
personal details," Mr Starkey said. "It is a serious breach of privacy. I 
would hate for my bank statement to be seen by someone else – what if it 
went to a criminal?"

Until The Courier-Mail informed the Commonwealth Bank of the blunder, 
neither the bank nor the people whose statements had been leaked had any 
idea about the mistake.

Several hours later, in a written statement, a spokeswoman for the 
Commonwealth Bank said she was "very concerned that a small number of 
customers' statements were mistakenly included with Mr Starkey's 
statement".

[..]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php