Case Study: NAB Data Breach
On the 26th July 2019, National Australia Bank (NAB) which is the 4th largest bank in Australia,
contacted approximately 13,000 customers to advise that some personal information provided when
their account was set up was uploaded, without authorisation, to the servers of two data service
companies. NAB’s security teams have contacted the companies, who advise that all information
provided to them is deleted within two hours.
NAB Chief Data Officer, Glenda Crisp, said the compromised data included customer name, date of
birth, contact details and in some cases, a government-issued identification number, such as a driver’s
licence number. “We take the privacy and the protection of customer information extremely seriously
and I sincerely apologise to affected customers. We take full responsibility,” she said. “The issue was
human error and in breach of NAB’s data security policies.” Ms Crisp said it was not a cyber-security
issue. No NAB log-in details or passwords have been compromised – and NAB’s systems remain secure.
Page | 3
Asia Pacific International College Pty Ltd. Trading as Asia Pacific International College
55 Regent Street, Chippendale, Sydney 2008: 02-9318 8111
PRV12007; CRICOS 03048D
Approved: 13/02/2019, Version 1
“Our number one priority is to support our customers. We are moving quickly to proactively contact
every person affected.”
NAB called, emailed or written to each impacted customer individually. A dedicated, specialist support
team was in place, available to them 24/7. If government identification documents need to be
reissued, NAB would cover the cost. NAB would also cover the cost of independent, enhanced fraud
detection identification services for affected customers. Importantly there is no evidence to indicate
that any of the information has been copied or further disclosed.
#Sales Offer!| Get upto 25% Off: