subscribe to our newsletter

NAB flags large-scale customer data breach

The major bank has revealed that the private information of approximately 13,000 of its customers has been uploaded to the servers of two unauthorised companies.

NAB has begun advising approximately 13,000 customers that some of their personal information provided when their account was first set up has been uploaded, without authorisation, to the servers of two data service companies.

The compromised data included customer name, date of birth, contact details and, in some cases, a government-issued identification number, such as a driver’s licence number.

However, the major bank has stated that its security teams contacted the companies involved, following which NAB was informed that the information was deleted within two hours.

NAB chief data officer Glenda Crisp commented: “We take the privacy and the protection of customer information extremely seriously and I sincerely apologise to affected customers.


“We take full responsibility.

“The issue was human error and in breach of NAB’s data security policies.”

Ms Crisp stressed that it was not a cyber-security issue, with no NAB log-in details or passwords compromised during the incident.

“Our number one priority is to support our customers. We are moving quickly to proactively contact every person affected,” she added.

NAB is calling, emailing or writing to each impacted customer individually, with a dedicated, specialist support team in place.


NAB also stated that it will cover the costs of any government identification documents that need to be reissued, as well as the costs of independent, enhanced fraud detection identification services for affected customers.

According to NAB, there is no evidence to indicate that any of the information has been copied or further disclosed.

Customers are being advised that they do not need to take any action with their account.

“We have reviewed these customers’ accounts, over and above our rigorous normal checks, and have not identified any unusual activity. We will continue to monitor 24/7 to protect our customers’ accounts,” Ms Crisp said.

NAB has also notified and is working with industry regulators, including the Office of the Australian Information Commissioner.

Ms Crisp concluded: “We take full responsibility. We can assure you that we understand how this happened and we are making changes to ensure this does not happen again.”

[Related: Westpac to remediate 40,000 home loan customers

NAB flags large-scale customer data breach


If you have any news, ideas or enquiries for Mortgage Business - please contact This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest News

A report has found that property investor enquiry spiked and first home buyer enquiry faded on the realestate.com.au website compared with ...

The government has bumped up funding for the regulation of super funds, ahead of its incoming Your Future, Your Super reforms. ...

New home sales tumbled in April as the HomeBuilder scheme concluded but a significant volume of building work is set to commence in 2021, ac...

Do you expect to see strong uptake of the HomeBuilder scheme?

Website Notifications

Get notifications in real-time for staying up to date with content that matters to you.