The Australian banking system has been rocked by a mystery security breach which caused the immediate cancellation of over 10,000 cards on Friday. The Commonwealth Bank and the St George Bank initiated the alert via SMS to customers notifying them that their cards would be cancelled as part of precautionary measures.
The Commonwealth Bank said in a statement that it was alerted to comprised security for credit card data following the report of a potential data breach by an undisclosed Australian merchant (serviced by another bank). However, none of the affected banks have revealed the cause or detailed the exact nature of the security breach.
The Commonwealth Bank has cancelled 8,000 cards while Bendigo Bank has also reportedly cancelled 2,300 cards. Westpac and the National Australia Bank (NAB) alerted customers of the fraudulent activity but said that only a small amount of customers - fewer than 1,000 - had been affected.
The affected banks reissued credit cards while monitoring all transactions for potential fraud. ANZ Bank, which uses Falcon fraud detection software, did not notify its customers about the incident.
The flow-on affect of the card cancellations means that scheduled bill payment transactions and direct debts for thousands of merchants will also be affected.
The security breach is the latest in a run of technical glitches to hit the banking sector.
Earlier in the month an air conditioning fault at a data centre immobilized the Westpac ATM, EFTPOS and online banking system for a day. The outage also affected retail transactions and national transport networks such as CityRail which use Westpac EFTPOS terminals.
Last month, thousands of NAB customers were blocked from receiving their scheduled pay, a data error which extended to payrolls that NAB processes for other banks, including Macquarie Bank and HSBC. While in March, Commonwealth Bank ATMs spat out “free money”, after a routine maintenance drill had crashed its online and phone banking system. ®