National Australis Bank has begun contacting approximately 13,000 customers to advise that some personal information provided when their account was set up was uploaded, without authorisation, to the servers of two data service companies.
NAB chief data officer, Glenda Crisp, says the compromised data included customer name, date of birth, contact details and in some cases, a government-issued identification number, such as a driver’s licence number.
“We take the privacy and the protection of customer information extremely seriously and I sincerely apologise to affected customers. We take full responsibility,” she says. “The issue was human error and in breach of NAB’s data security policies.”
No NAB log-in details or passwords have been compromised - and NAB’s systems remain secure, she says.
NAB says it will cover the costs or re-issuing Government identification documents if needed. It will also put in place enhanced fraud detection identification services for affected customers.
Adds Crisp: “We have reviewed these customers’ accounts, over and above our rigorous normal checks, and have not identified any unusual activity. We will continue to monitor 24/7 to protect our customers’ accounts.”