Commonwealth Bank of Australia (CBA) on Thursday said it lost records of almost 20 million accounts in an incident identified in May 2016.
In a video statement released on Youtube, the CommBank Group Executive, Retail Banking Services, Angus Sullivan, said that there was no evidence that any customer records have been compromised. He said that the bank found in May 2016 it had lost two magnetic tapes containing 15 years of data on customer names, addresses and account numbers for 19.8 million accounts.
The tapes were due to be disposed of, but CBA could not confirm they were securely destroyed, Sullivan said. The tapes did not contain PINs, passwords or other data that could enable account fraud, he said.
The bank informed its regulators and launched an internal investigation which found the tapes had "most likely been disposed of", Sullivan said. It did not tell customers because "we balanced the need to alert customers without unnecessarily alarming them", he said.
"This was not cyber-related and there has been no compromise of CommBank's technology platforms, systems, services, apps or websites. CommBank offers you a 100% security guarantee against fraud for all your accounts, where you are not at fault. We cover any loss should someone make an unauthorised transaction," the bank says in its website.