CBA breach may create trust issue for customers: Sophos

Unnamed bank merchant should come forward, says security expert

The fallout from the Commonwealth Bank of Australia (CBA) credit card breach may affect future customer confidence in the financial institution, according to one security expert.

The credit card breach, which involved an unnamed bank merchant, was estimated to have affected 8000 CBA customers.

While customers have been offered a full reimbursement of funds, Sophos' Asia Pacific managing director, Rob Forsyth, told Computerworld Australia that it was "disappointing" when breaches occurred at organisations such as CBA and the Sony PlayStation Network, in which enterprise and consumer customers place high levels of trust.

He was also critical of the bank merchant for not coming forward to publicly clear its name.

"You would think that the merchant would come forward so that people would know if they were victims or not," Forsyth said.

"But they might have very valid security reasons that I can’t comment on."

Over time, he said both enterprise and consumer customers had a responsibility to preserve their information online.

"First of all, look at your bank statement to see if any unauthorised charges have been made and keep up to date," Forsyth said.

"Be aware that it’s like crossing the road, you have to pay attention."

He also advised CBA customers to have different passwords for websites.

"If a breach has occurred in one place and you’ve shared a password across many different applications, such as online banking, LinkedIn and Facebook, you’re effectively opening yourself to the weakest link to the chain."

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at

Follow Hamish Barwick on Twitter: @HamishBarwick
