20 February 2017
visit nextgenbanking.co.uk

NAB falls foul of domain name squatter

09 January 2017  |  4577 views  |  4 NAB

National Australia Bank accidentally sent the banking details of 65,000 customers to an email address owned by a prolific domain name squatter and porn Website owner.

The embarrassing bungle emerged in December, when the bank dispatched a bulk email involving its migrant banking customers to an address associated with Real Assets president David Weissenberg.

Weissenberg is the owner of Web domains nab.com and nab.nets, along with other salubrious adult sex domains such as supersleazy and sexpornhost.

The bulk mailing included NAB clients' name, address, email address, and in some cases, their BSB and account number. Weissenberg alerted the bank to the error.

In a statement, the bank says there is no indication that customer details have been wrongfully used: "We have been, and continue to, take action to ensure this group of migrant banking customers’ accounts are secure. Although this has been a complex process involving multiple international jurisdictions, all parties - including the email account owner - are taking this extremely seriously and NAB is working hard to resolve this matter for our migrant banking customers as soon as possible."

The incident capped a calamitous end to 2016 for the Australian bank, which aroused the fury of customers after its internet and phone banking crashed two days before Christmas.

Comments: (4)

Nick Ogden
Nick Ogden - C B Infrastructure Limited - London | 10 January, 2017, 09:55

The irony of this is that banks and insurance companies can register secure domains - see https://www.ftld.com/ NAB could have already been using nab.bank as their core URL and that could certainly have saved the "streuth mate, we've screwed up" moment......

1 thumb up! 1 thumb up! (Log in to thumb up)
Paul Nash
Paul Nash - CityLearning Ltd - Dublin | 10 January, 2017, 11:14

In paragraph 3 I think you mean "insalubrious".

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Chris Cotton
Chris Cotton - STePwire - | 10 January, 2017, 16:35

Surely the main point is that they should never be sending their customers' details in an unencrypted email, not that they accidentally sent it to the wrong address.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Chris Barry
Chris Barry - V2 Innovations - Raleigh | 10 January, 2017, 17:26

This provides a great use case for Financial Institutions to use their own branded top level domain or as nick points out the new .bank gTLD. NAB owns .NAB and has delegated the string according to ICANN. If they had switched the e-mail domain to .NAB instead of .com this may have been avoided. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

NAB talks up DevOps as 95% of all transactions go digital

NAB talks up DevOps as 95% of all transactions go digital

18 November 2016  |  8121 views  |  1 comments | 20 tweets | 29 linkedin
NAB back in spotlight as systems fail for third time in a week

NAB back in spotlight as systems fail for third time in a week

11 October 2016  |  3450 views  |  0 comments | 2 tweets | 2 linkedin
NAB accused of 'spying' on customers who move business to rival banks

NAB accused of 'spying' on customers who move business to rival banks

20 June 2016  |  4154 views  |  1 comments | 4 tweets | 4 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
http://www.financialcrimerisk.fiserv.com/aml?r=finextraVisit contisgroup.comvisit BNP paribas

Top topics

Most viewed Most shared
IBM and Visa join forces to turn billions of connected devices into points of saleIBM and Visa join forces to turn billions...
15061 views 11 comments | 50 tweets | 84 linkedin
Nesta launches £5 million Open API challengeNesta launches £5 million Open API ch...
10118 views comments | 21 tweets | 18 linkedin
Jaguar embeds payments into digital dashboardJaguar embeds payments into digital dashbo...
9654 views comments | 48 tweets | 56 linkedin
The fintech effect: Banks buy in to benefits of boosting financial well-beingThe fintech effect: Banks buy in to benefi...
8960 views comments | 15 tweets | 11 linkedin
Kevin the bot uses blockchain to offer insurance for P2P transactionsKevin the bot uses blockchain to offer ins...
7746 views comments | 16 tweets | 12 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job