In a shocking revelation, an investigation by a leading Australian research tech firm, Dvuln, has exposed that over 31,000 passwords from Australia’s Big Four banks have been compromised and shared with cyber criminals online.
- Per ABC News, the investigation, led by cyber intelligence researchers, revealed that passwords “belonging to at least 14,000 Commbank customers, 7,000 ANZ customers, 5,000 NAB and 4,000 Westpac customers,” have been made available for cyber criminals on Telegram and the dark web.
- The breach was not due to any security issues within the banks themselves, but rather the result of devices being infected with infostealer malware, which was then used to steal the passwords.
The malware, as stated by Jamie O’Reilly, Dvuln’s founder, is a type of program designed to suck out valuable data from devices and send it to cyber criminals. This type of malware can attack and obtain passwords, credit card details, cryptocurrency wallets, personal files, browser data, and much more.
| Characteristics of Infostealer Malware | Effects on Users |
|---|---|
| Infostealer malware can steal passwords, credit card details, and cryptocurrency wallets. | Users can lose access to their online accounts, personal files, and sensitive information. |
| The malware can also attack browser data and personal files. | Users may experience issues with their online banking, shopping, and other online activities. |
The Australian Banking Association CEO, Anna Bligh, has stated that the bank’s top priority is to keep customers secure online. The data breach was not due to a security issue at the bank, but rather from personal devices being infected with the malware.
“If customers have any concerns about their account details, they should get in touch with their bank as soon as possible.”
Dvuln’s founder, Jamie O’Reilly, has emphasized the importance of taking proactive measures to protect passwords and sensitive information. He advises customers to rotate passwords, move passwords to secure devices, stay on top of antivirus updates, and utilize the bank’s multi-factor authentication.
However, even with these measures in place, no security system is completely unhackable.
