You are here
CIMB flags loss of back-up data, heightens security measures
MALAYSIA'S CIMB Group said that several magnetic tapes containing back-up data, including customer information, were lost in transit during routine operations but there has been no evidence that any information has been compromised.
Some of the tapes contain information of customers of CIMB Bank and its subsidiaries, including its Singapore branch.
"Following a thorough and ongoing assessment, there is currently no evidence that any of this information has been compromised," it said in a statement on Monday. "The tape data does not contain any authentication data such as PINs, passwords or credit card CVV numbers."
It added that the bank is working with the authorities and taking all necessary measures to protect its customers. "As these are back-up tapes, CIMB still has all customer information," it said.
In response, CIMB has heightened security measures across all channels, including temporarily suspending some services via its call centre such as change of address, telephone number and e-mail address for credit cards.
Zafrul Aziz, group chief executive of CIMB Group, said: "We are confident the measures we have put in place will maintain the safety of customer transactions. Although this was an isolated incident, we have reviewed and further strengthened our security and internal processes to ensure that we remove the possibility of it recurring. We apologise for the inconvenience that our heightened security measures may cause to our customers in the interim."
In a separate statement, the Monetary Authority of Singapore (MAS) said that it has been in touch with Bank Negara Malaysia.
"MAS has directed CIMB Singapore branch to ascertain the extent of the data loss and to take necessary measures to protect its customers," said an MAS spokesman. "The bank is implementing enhanced security measures to safeguard affected customers. MAS advises customers of CIMB Singapore to exercise vigilance and closely monitor SMS and other alerts from their financial services providers."
The MAS spokesman added: "Customers should consider changing their user IDs and passwords should these be similar to other personal data such as their NRIC numbers and addresses. Banks operating in Singapore are expected to have in place measures to safeguard the confidentiality of customer information. MAS will not hesitate to take action against banks that fail to do so."
Malaysia's central bank said that it was "assured by CIMB Bank that necessary precautionary measures and mitigation actions have been taken to manage any possible negative impact arising from the loss of the tapes".