Banks leaking sensitive customer information is a big problem in this Digital Age. One of Australia’s leading banks got mixed up in an ongoing data leak, as sensitive customer information was being shared through a rogue email. Things started off with a wrong CC in the email field, which allowed an authorized recipient to get a copy of the email in question. Things only escalated from there on out.
Major Australian Bank Leaks Sensitive Customer Information
Ever since the email was sent out to a recipient not privy to the sensitive information, things went from bad to worse for the Australian bank. As is the case with any email message containing carbon copy recipients, everyone on the list will see the content of that particular message. Moreover, it also grants all recipients a copy of the other email addresses which receive this email, which creates a whole set of new security issues.
National Australia Bank got caught up in this story as one of their confidential emails contained one unauthorized recipient. This indicates the original sender of the email made an error. Human error is always to blame for events like these, as it seems to suggest they had contact with that recipient while using their work email account. However, it could also be a random error, as the email was sent out to the wrong domain name’s mailbox, which unfortunately happened to exist.
The email in question contains an attachment which includes basic data of roughly 60,000 bank accounts. However, it remains unclear who received the message, as the email server is signed up to Gmail. Google does not share recipient data with other parties unless a court order is presented. So far, National Australia Bank has not considered legal matters to get this issue resolved.
However, it is possible no real harm was done in the process, as it appears unclear if the recipient even checks that mailbox, to begin with. At the same time, this also poses a big problem regarding security and accountability. Just because someone may not have read the email, does not mean no error was made. Moreover, the affected customers of this data leak will not be at ease until this problem has been fully rectified.
Traditional financial institutions have a habit of messing up important tasks as of late. On the one hand, they struggle to safeguard consumer funds against theft. On the other hand, they share information in insecure manners and seem incapable of double-checking email recipient information. A serious problem that needs to be addressed sooner rather than later, that much is certain.
Header image courtesy of Shutterstock