Bank details exposed in second New Payments Platform breach
Almost 100,000 bank and credit union customers using the real-time New Payments Platform have been entangled in a data breach.
Almost 100,000 bank and credit union customers using the real-time New Payments Platform have become entangled in a data breach, prompting lenders to warn account holders their information might be at risk.
The breach earlier this month was linked to “a vulnerability” in a financial institution using the NPP through credit union and mutual platform Cuscal.
In a statement yesterday, Cuscal said fewer than 92,000 customers, or about 3 per cent of those registered for the PayID system, were affected. But the incident is another blow to the NPP, marking the second breach in as many months after Westpac was targeted in June.
“Upon identification of the issue our NPP-identified institution client took immediate action to remediate, as well as putting additional alerting in place to mitigate against further incidents,” Cuscal said. “Technology changes were made by the client immediately.”
NPP allows the instant flow of money and data between bank accounts and can draw on an email address or mobile number rather than a customer’s account number. The Reserve Bank backed the initiative to stop financial institutions dragging the chain on real-time payments.
The latest data breach led to unique identifier records known as PayIDs — including names and account numbers — being exposed.
“While this incident affects a small number of CommBank and Bankwest accounts, we are encouraging all customers to be extra vigilant to protect their information,” a Commonwealth Bank spokesman said.
A Westpac spokesman said the bank had notified customers caught in the breach. “We are urging all customers to be wary of any SMS phishing attempts — for example, a personalised message that looks like a legitimate message from Westpac or another bank — in an attempt to acquire banking credentials and password,” she said.
National Australia Bank said it had contacted customers affected by the breach.
Only recession can make ‘ruthless’ Victoria great again
Not all is lost. Victoria has a clear competitive advantage across four world-beating exports and these mines won’t run dry. But first there will be pain.
Silence to settle NAB ‘boys club’ suit
Allegations that NAB’s markets business had a ‘boys club’ culture or that a former trader was threatened with a baseball bat will not be tested in court after the bank settled a long-running case.