The Commonwealth Bank has admitted to losing backup data affecting almost 20 million customer accounts.
Commonwealth Bank acting Group Executive for Retail Banking Services, Angus Sullivan, issued a statement on YouTube this morning after reports emerged of the data loss this week.
In the clip, Mr Sullivan confirmed that there was no evidence of customer information being compromised or suspicious activity following the 2016 incident and that no action was required.
ARTICLE CONTINUES AFTER THIS ADVERTISEMENT
In May 2016, we were unable to confirm that two magnetic tapes were securely disposed of,” he said.
“These magnetic tapes contained information used to print account statements.
“They contained customer names, addresses, account numbers and transaction details from 2000 to early 2016.
“The tapes did not contain PINs, passwords or other data that could enable account fraud.”
In a statement, Commonwealth Bank said the reason they didn’t alert customers to the incident was because an independent forensic investigation determined the most likely scenario was the tapes had been disposed of.
“The relevant regulators were notified in 2016 and we undertook a thorough forensic investigation, providing further updates to our regulators after its completion,” Mr Sullivan said.
“We also put in place heightened monitoring of customer accounts to ensure no data compromise had occurred.
“We concluded, given the results of the investigation, that we would not alert customers.
“We discussed this course of action with the OAIC who subsequently advised that it did not intend to take any further action in relation to the matter.”
Commonwealth Bank has since been approached by the OAIC this week to provide additional information about the matter and the actions that they undertook in 2016.