Incidents

Australian bank P&N leaked its customers’ personal information

Network security specialists report that P&N Bank, a banking institution operating in Western Australia, has fallen victim of a data breach that has compromised the personal and financial information of its customers. Bank staff is already notifying all potentially affected clients.

Local media initially reported that a hacker
group managed to access the personal information of at least 100,000 Australian
citizens as a result of this security incident, although official confirmation
from the bank was still lacking.

Eventually P&N Bank confirmed that a group
of threat actors accessed sensitive user information, including details such
as:

  • Full
    names
  • Email
    addresses
  • Phone
    numbers
  • Account
    numbers
  • Current
    account balance

In addition, bank officials claim that other
details, such as social security numbers, driver’s license key, passport
number, credit card details, among others, were not exposed during the
incident.

After confirming the data breach, P&N Bnak began notifying its customers and authorities of the incident. In their notification, bank officials mention that threat actors compromised the customer service system.

The cyberattack appeared to have occurred on
the morning of December 12, 2019, while the bank’s network security team was
performing an update to its servers. Hackers may have attacked a bank
contractor who provides hosting services to complete the attack.

As a security measure, the bank announced the
closure of some systems, among other procedures: “After detecting the
attack, the security weakness was corrected immediately. We continue to monitor
our networks for signs of suspicious activity,” the bank’s message says.

In addition, P&N Bank announced that it
will have the collaboration of a prestigious security firm in the investigation
of the incident. The bank concluded its message by ensuring that, so far, there
is no evidence of theft of client funds or unauthorized transfers.

Network security experts at the International
Institute of Cyber Security (IICS) recommend users monitor their bank
statements to prevent potential fraud attempts, as well as activate SMS
notifications from their account and notify institution any suspicious
activity.

To Top

Pin It on Pinterest

Share This