P&N Bank in West Australia (WA) is informing its customers that hackers may have accessed personal information stored on its systems following a cyber attack.
The financial organisation says in the breach notification sent to customers that the compromised system contained the following information: names, addresses, emails, age, customer and account numbers, as well as the account balance. All this counts as personally identifiable information that is protected under the Privacy Act in Australia. As many as 100,000 individuals may be impacted by the incident, which was labelled as “sophisticated” by Andrew Hadley, the bank’s chief executive officer. The attack did not target P&N Bank directly. It occurred during a server upgrade around December 12, 2019, at a third-party that was offering hosting services to the organisation.
Funds, social security numbers, and data in identification documents (driver’s license, passport) were stored on a different system and are safe.