P&N Bank Data Breach Exposes Trove of User Data

Antus67

Level 9
Thread author
Verified
Well-known
Nov 3, 2019
413
P&N Bank is reportedly sending out notifications to customers of a data breach that resulted in a large amount of sensitive information being compromised.
The affected system, P&N says in the notice, stored a great deal of personally identifiable information (PII), as well as other sensitive data, including names, addresses, email addresses, phone numbers, customer numbers, age, account numbers and balance, and other details, which the bank refers to as non-sensitive.

According to information shared on Twitter by Australian security researcher @vrNicknack, the incident took place on December 12, 2019, during a server upgrade on a third-party hosting provider.


The Australian bank, a division of Police & Nurses Limited, informed customers that unknown threat actors managed to access personal information stored within its customer relationship management (CRM) system.

Passwords, birth-date, health information, driver’s license numbers, passport numbers, social security numbers, tax file numbers, and credit card numbers were not included in the breach, the bank says.
Upon becoming aware of the attack, we immediately shut down the source of the vulnerability,” P&N reveals.
The bank also says that, because its core banking system is completely isolated from the impacted system, the data breach did not cause the loss of customer funds, that credit card details were not accessed, and that banking passwords were not exposed.

P&N told customers it has already informed authorities on the incident. The bank says it has been working with West Australian Police Force (WAPOL), the involved hosting provider, expert advisers, and regulators on investigating the breach.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top