In the recent era of the data breach, companies have become at least a bit more forthcoming in disclosing their data incidents — whether on their own or due to public pressure. It wouldn’t be surprising to learn more now about data breaches which may have been hidden in the past, for one reason or another.
As a rather disturbing example, BuzzFeed News is reporting that Australia’s largest bank, The Commonwealth Bank of Australia, lost the personal financial histories of 12 million customers in 2016, and “chose not to reveal the breach to consumers.”
According to the report, the bank lost the statements for customers from 2004 to 2014 “after a subcontractor lost several tape drives containing the financial information in 2016.” Nobody seems to know exactly what happened to the tapes, and the data has never been recovered — but there’s at least a slight possibility the tape drives may have actually fallen off the back of a truck.
[Big breaches aren’t usually this strange, but they’re also certainly not new. Check out Six Of The Biggest Data Breaches In The Modern Tech Era.]
Commonwealth Bank has released its own statement responding to “recent media reports,” stating, “There is no evidence that any customer information was compromised.”
The bank admits it was “unable to confirm the scheduled destruction of two magnetic tapes,” but claims the tapes did not contain passwords, PIN numbers, or “other data which could enable account fraud.”
Although this particular incident only happened a few years ago, we’d hope that companies are now putting a greater emphasis on both cybersecurity and physical security of private data.
Ideally, further publicity of such incidents can only force companies to do better. But we’re also sure this won’t be the last bizarre case of missing data that we’ll find out about.