18 November 2017
visit www.avoka.com

NAB falls foul of domain name squatter

09 January 2017  |  5544 views  |  4 NAB

National Australia Bank accidentally sent the banking details of 65,000 customers to an email address owned by a prolific domain name squatter and porn Website owner.

The embarrassing bungle emerged in December, when the bank dispatched a bulk email involving its migrant banking customers to an address associated with Real Assets president David Weissenberg.

Weissenberg is the owner of Web domains nab.com and nab.nets, along with other salubrious adult sex domains such as supersleazy and sexpornhost.

The bulk mailing included NAB clients' name, address, email address, and in some cases, their BSB and account number. Weissenberg alerted the bank to the error.

In a statement, the bank says there is no indication that customer details have been wrongfully used: "We have been, and continue to, take action to ensure this group of migrant banking customers’ accounts are secure. Although this has been a complex process involving multiple international jurisdictions, all parties - including the email account owner - are taking this extremely seriously and NAB is working hard to resolve this matter for our migrant banking customers as soon as possible."

The incident capped a calamitous end to 2016 for the Australian bank, which aroused the fury of customers after its internet and phone banking crashed two days before Christmas.

Comments: (4)

Nick Ogden
Nick Ogden - ClearBank - London | 10 January, 2017, 09:55

The irony of this is that banks and insurance companies can register secure domains - see https://www.ftld.com/ NAB could have already been using nab.bank as their core URL and that could certainly have saved the "streuth mate, we've screwed up" moment......

1 thumb up! 1 thumb up! (Log in to thumb up)
Paul Nash
Paul Nash - CityLearning Ltd - Dublin | 10 January, 2017, 11:14

In paragraph 3 I think you mean "insalubrious".

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Chris Cotton
Chris Cotton - STePwire - | 10 January, 2017, 16:35

Surely the main point is that they should never be sending their customers' details in an unencrypted email, not that they accidentally sent it to the wrong address.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Chris Barry
Chris Barry - V2 Innovations - Raleigh | 10 January, 2017, 17:26

This provides a great use case for Financial Institutions to use their own branded top level domain or as nick points out the new .bank gTLD. NAB owns .NAB and has delegated the string according to ICANN. If they had switched the e-mail domain to .NAB instead of .com this may have been avoided. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

NAB talks up DevOps as 95% of all transactions go digital

NAB talks up DevOps as 95% of all transactions go digital

18 November 2016  |  9342 views  |  1 comments | 20 tweets | 29 linkedin
NAB back in spotlight as systems fail for third time in a week

NAB back in spotlight as systems fail for third time in a week

11 October 2016  |  3965 views  |  0 comments | 2 tweets | 2 linkedin
NAB accused of 'spying' on customers who move business to rival banks

NAB accused of 'spying' on customers who move business to rival banks

20 June 2016  |  4668 views  |  1 comments | 4 tweets | 4 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit https://www.niceactimize.comvisit www.atos.netvisit www.ncr.com

Top topics

Most viewed Most shared
Ripple boss predicts central bank adoption of blockchainRipple boss predicts central bank adoption...
11745 views comments | 20 tweets | 19 linkedin
Singapore central bank open sources blockchain prototypesSingapore central bank open sources blockc...
11686 views comments | 15 tweets | 28 linkedin
Digital receipt startup Flux scores game-changing deal with BarclaysDigital receipt startup Flux scores game-c...
9847 views comments | 20 tweets | 36 linkedin
AmEx partners Ripple and Santander for blockchain-enabled cross-border paymentsAmEx partners Ripple and Santander for blo...
9165 views comments | 13 tweets | 38 linkedin
UK cryptocurrency exchange startup launches debit card for spending bitcoinUK cryptocurrency exchange startup launche...
7792 views comments | 26 tweets | 37 linkedin

Featured job

Competitive
Germany, Austria or Switzerland

Find your next job