ANZ closes security hole, opens another

ANZ closes security hole, opens another

Summary: ANZ has closed an older security hole in its online eStatements service, but at the same time opened up a new hole that exposed the personal details of some of its customers.

SHARE:
TOPICS: Security, Banking
0

ANZ has closed an older security hole in its online eStatements service, but at the same time opened up a new hole that exposed the personal details of some of its customers.

The bank previously pulled the service after it was discovered that electronic bank statements were being stored in web browsers' history functions, leaving them vulnerable to snooping on public computers. While that security hole has been fixed and brought back into use, ANZ has unwittingly allowed a small number of users to access other people's statements.

ANZ said that it became aware of the issue through its own internal monitoring processes, and from concerned customers who had called the bank, and as a result immediately disabled online statements again. It said that it was aware of only a small number of instances in which users received someone else's statements and estimated that about 60 customers were affected.

Meanwhile, ANZ has stated that it has advised the privacy commissioner of the incident and will be contacting impacted customers to brief them on the situation.

"This is a regrettable incident that will be investigated fully and we apologise to our customers," the bank said.

Topics: Security, Banking

Michael Lee

About Michael Lee

A Sydney, Australia-based journalist, Michael Lee covers a gamut of news in the technology space including information security, state Government initiatives, and local startups.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion