CBA breach may create trust issue for customers: Sophos

Unnamed bank merchant should come forward, says security expert

The fallout from the Commonwealth Bank of Australia (CBA) credit card breach may affect future customer confidence in the financial institution, according to one security expert.

The credit card breach, which involved an unnamed bank merchant, was estimated to have affected 8000 CBA customers.

While customers have been offered a full reimbursement of funds, Sophos' Asia Pacific managing director, Rob Forsyth, told Computerworld Australia that it was "disappointing" when breaches occurred with organisations such as CBA and the Sony Playstation Network that enterprise and consumer customers have high levels of trust in.

He was also critical of the bank merchant for not coming forward to publicly clear its name.

“You would think that the merchant would come forward so that people would know if they were victims or not," Forsyth said.

"But they might have very valid security reasons that I can’t comment on."

Over time, he said both enterprise and consumer customers had a responsibility to preserve their information online.

"First of all, look at your bank statement to see if any unauthorised charges have been made and keep up to date," Forsyth said.

"Be aware that it’s like crossing the road, you have to pay attention."

He also advised CBA customers to have different passwords for websites.

"If a breach has occurred in one place and you’ve shared a password across many different applications, such as online banking, LinkedIn and Facebook, you’re effectively opening yourself to the weakest link to the chain.”

Got a security tip-off? Contact Hamish Barwick at hamish_barwick at

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU

Join the newsletter!

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags securitysophosCBACommonwealth Bank of Australia (CBA)

More about Commonwealth Bank of AustraliaCommonwealth Bank of AustraliaetworkFacebookPlaystationSonySophos

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

More videos

Blog Posts