The Commonwealth Bank of Australia (CBA) is unsure of where data on millions of customers has gone, after it was revealed that magnetic tapes comprising information used to print account statements may not have been properly disposed of.
Following a report[1] from BuzzFeed News, CBA published a video explaining the issue potentially affecting 19.8 million customers.
"Firstly, I want to reassure you that there is no evidence that any customer records have been compromised," CBA acting group executive of Retail Banking Service Angus Sullivan said in the video.
Sullivan explained that in May 2016, the bank was unable to confirm that two magnetic tapes containing information used to print account statements were securely disposed of following the scheduled destruction by a supplier.
He affirmed the tapes did not contain PINs, passwords, or other data that could enable account fraud.
"Most likely the tapes have been disposed of, but without evidence, we immediately launched an investigation and notified the Australian Prudential Regulation Authority and the privacy commissioner," he continued.
"We consulted with the privacy commissioner at the time and the decision was made not to alert customers given the outcome of our investigation which found the tapes were most likely disposed of.
"In these cases, we balance the need to alert customers without unnecessarily alarming them."
Must read: OAIC received 31 notifications in the first three weeks of data breach scheme[2]
It also said the incident did not