P&N Data Breach via CRM system


P&N Bank has been involved in a data breach resulting in the exposure of customer information from the bank’s CRM system. Information contained in the CRM includes customer names and ages, residential addresses, email addresses, phone numbers, customer numbers, account numbers and account balances.

No customer passwords or credit card details were compromised, as the bank’s core banking system was isolated and separated from the impacted system.

P&N says the attack occurred on 12 December during a server upgrade. It is believed that a company P&N Bank hired to provide hosting was the entry point. P&N immediately shut down the source of the vulnerability and is currently working with WA Police and federal authorities.

Crispin Kerr, Proofpoint Australia Country Manager, commented, “The P&N Bank data breach demonstrates how criminals are successfully attacking third-party vendors to get around the target organisations’ defences. Efforts that exploit supply chain vulnerabilities are harder for security teams to detect and are increasing in prevalence. In this instance, cybercriminals gained access to data during a third-party server update – an extremely vulnerable time for servers – underscoring that criminals will often wait for the perfect time to strike.

It is important to be aware that while there may not be an immediate visible impact from the breach, cybercriminals often use exposed data to conduct extremely targeted follow-up attacks. This can include sending spoofed messages that appear to come from the organisation itself, requesting customers to click a malicious link to sign up for account monitoring or other services. These follow-up attacks can appear to be highly authentic and customized, given the volume of personal information criminals have obtained in the initial breach.

It is critical that organisations have a comprehensive understanding of their suppliers and partners and complete regular audits of each vendor to truly defend against these threats. We recommend consumers involved in the breach immediately change their passwords for all online accounts and enable two-factor authentication. We also recommend they report any malicious emails or unauthorised account login attempts and pay very close attention to their financial statements. Enabling text or push notifications will also ensure any fraudulent activity is flagged instantly.”