Australian banking regulators to give banks up to 10 days to change customer details, fix website error
The Australian Financial Regulation Authority will give banks more than 10 days after the October 31 deadline to fix a “cybersecurity vulnerability” on their websites and to “ensure the integrity of financial transactions” to reassure consumers, the regulator said on Monday.
Key points:It will give consumers and banks up a week to fix the vulnerability, the ACCC saysThe ACCC has warned Australia’s big four banks to do more to protect customersThe ACCCM will issue a report next month that sets out how it will respond to the vulnerabilityThe ACC’s chief executive said the ACCCM had received a report from the Australian Taxation Office (ATO) that the vulnerability had been identified and was being investigated by the Australian Financial Crime Commission (AFCC).
The ACC has issued a warning about the vulnerability and has called for the banks to fix it as soon as possible, but will give them a week’s notice to do so.
“The Australian Financial Markets and the ACCM have been made aware of a cybersecurity vulnerability affecting the website of the Australian Banking Regulatory Authority,” the ACC’s CEO, Stephen Williams, said in a statement.
“This vulnerability has been identified by the ATO and has been actively investigated by Australian Taxpayers and the Australian Federal Police.
Covered by the law’Mr Williams said that the ACC will give the banks up “a week to complete the review of the ACCAC report”.”
“The ACC will not be making any final determinations about the severity of the vulnerability until it has had an opportunity to review the ACCCA’s findings and provide a final report to the ACC.”‘
Covered by the law’Mr Williams said that the ACC will give the banks up “a week to complete the review of the ACCAC report”.
The ACC and the ATP have agreed to a plan to fix what it called a “significant vulnerability” in the ACCACA’s website, which allows users to make purchases, send and receive money and access banking information.
Mr Williams told ABC News Breakfast that he was confident the banks would follow through on that promise.”
I think the ACC and ACCC have agreed that this vulnerability is a covered breach of the law, and the banks will have a week of notice to fix that vulnerability,” he said.
The ACC is one of the biggest players in Australia’s financial services sector, but the ACC is also a regulator and a consumer advocate, so it is a watchdog that is charged with ensuring the integrity and security of financial services and ensuring that the public gets the best possible value for their money.”
We will also take action to protect consumer confidence and privacy, and that will include the ACC CM, which is responsible for setting the national consumer confidence agenda,” Mr Williams said.”
It is the role of the regulator to make sure the public has confidence in the integrity, security and honesty of financial service providers, and to ensure that the banking industry does not mislead the public about the quality of its services.”‘
Worryingly high’A major worry is that the problem may have already been exploited by criminals.”
If you look at some of the big banks and some of their customers have been hacked, some of them have been using this to sell their stolen data to the highest bidder,” Mr William said.
But he also said it was vital the banks fix the problem.”
That’s why we’ve put in place the ‘cyber security awareness’ initiative to get these problems under control,” he told AM.”
And it’s one of our top priorities right now to make the ACC a top performer in terms of its cyber security.
“The ACC said it would publish its findings into the cyber security vulnerability next month, but has also given banks up for five days to fix any other problems they had identified, including the issue with the ACCCO website.”
No evidence’ to suggest a systemic vulnerabilityThe report from ATO said that it was “highly unlikely” that the vulnerable website had been used by criminals to make fraudulent purchases.””
The report will set a framework for the ACC to follow up on this report and provide the ACC with a full assessment of the problem.”‘
No evidence’ to suggest a systemic vulnerabilityThe report from ATO said that it was “highly unlikely” that the vulnerable website had been used by criminals to make fraudulent purchases.
“There is no evidence to suggest that criminals have exploited the vulnerability in this way, or to suggest it was used to commit a fraud or for any other criminal activity,” the report said.
It said that if the vulnerability was used for nefarious purposes, it was unlikely that criminals would have access to it.
However, it added that there was “no evidence to indicate it was being used to facilitate or facilitate fraudulent activity”.
The report also noted that the cyber vulnerability could have been exploited “for legitimate purposes”.
“It has been used for legitimate purposes, and if the ACC had exploited this vulnerability to facilitate fraudulent activities, then that would be a breach of their conduct obligations,” it said.