SECURITY
SECURITY
SECURITY
Customer data stolen in hack of Western Australia’s P&N Bank
P&N Bank, a community-owned bank serving Western Australia, has suffered a data breach with customer data stolen.
The hack took place Dec. 12 during a server upgrade on an outside hosting service. The data stolen included customer names and ages, residential addresses, email addresses, phone numbers, customer numbers, account numbers and account balances. The bank noted that no passwords or credit card numbers were stolen.
The bank, previously called the Police & Nurses Credit Society, has about 96,000 members, many of them police and nurses, although the bank provides services to the public at large.
Affected customers were informed by email of the breach Wednesday. Australia doesn’t have the same disclosure laws as in Europe, which has the comprehensive European Union General Data Protection Regulation, but taking an entire month to inform customers is not a great business practice anywhere.
Western Australia Police, federal authorities and regulators and an outside information technology specialist are investigating the breach.
“The financial industry is one of the largest targets for cybercriminals and unfortunately, breached data from those types of organizations can be damaging for years to come,” Stephan Chenette, co-founder and chief technology officer at cybersecurity firm AttackIQ Inc., told SiliconANGLE. “The complete set of personally identifiable information hacked can now be bought and sold for top dollar on the dark web, further exposing the account holders to future fraud or phishing attacks.
Chenette said organizations must take proactive approaches to protect their data, including mapping organizational capabilities and security controls to specific attack scenarios to measure their preparedness to detect, prevent and respond to these threats.
James Carder, chief security officer and vice president of LogRhythm Labs, noted that the bank didn’t have the visibility necessary to ensure that the third party had the proper security controls and processes in place to protect the data. “Even if the breach was caused by the third party, the financial institutions’ brand image and accountability are still directly associated with their customers,” he said.
Photo: P&N Bank
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
