iTnews

CBA staff sent emails to cba.com domain by mistake

By Ry Crozier on Jun 1, 2018 2:50PM
CBA staff sent emails to cba.com domain by mistake

About 10,000 customers to be contacted.

The Commonwealth Bank has secured and blocked a .com domain that was the inadvertent recipient of 651 internal emails over the course of a year.

The bank said in a disclosure today that internal CBA emails were being sent to email addresses ending in cba.com instead of cba.com.au.

An investigation identified 651 such emails that had been sent in error during 2016-17, “which contained data relating to approximately 10,000 customers”.

The bank said its investigators had “confirmed the contents of all 651 internal emails were automatically deleted by the cba.com domain owner’s system, which only collected information on CBA sender and recipient email addresses and the subject of the email”.

“CBA’s investigation confirmed that the emails and any associated data had not been used and were deleted permanently from the cba.com domain owner’s servers,” it said.

The bank said that no customer data had been compromised but that it had started to contact customers whose data was affected.

It took steps to prevent more emails being sent to the wrong domain, firstly by blocking internal emails addressed to the cba.com domain in January 2017.

In April 2017, it made a more permanent fix by buying the cba.com domain.

“Since that time any emails inadvertently addressed to cba.com have been returned as ‘undeliverable’,” the bank said.

The cba.com domain had been originally owned by a US-based financial services company before being bought by a cybersecurity company and then ultimately by the bank.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
cba email finance financeit software

Partner Content

Beat the DDoS blackmails in 2021
Promoted Content Beat the DDoS blackmails in 2021
What conversations should executives be having about cyber security?
Partner Content What conversations should executives be having about cyber security?
COVID puts agile IT under the microscope
Promoted Content COVID puts agile IT under the microscope
Four data superpowers to harness before 2022
Promoted Content Four data superpowers to harness before 2022

Sponsored Whitepapers

The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training
Your guide to application security solutions
Your guide to application security solutions
State of Software Security: Open Source Edition
State of Software Security: Open Source Edition
Five questions to ask before you upgrade to a SIEM solution
Five questions to ask before you upgrade to a SIEM solution

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
  • [iTnews and Micro Focus] Navigating the cloud modernisation minefield
By Ry Crozier
Jun 1 2018
2:50PM
0 Comments

Related Articles

  • CBA AI trial brings IBM, Ascent together
  • CBA's benefits finder unearths more than $153m for customers
  • CBA continues expansion of engineering team
  • Westpac turns to analytics to find abuse in transaction descriptions
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.