Skip to main content
Skip to secondary navigation
Australian Government - Office of the Australian Information Commissioner - Home

ANZ e-statement data breach

On this page

Update 11 January 2012
Statement from Australian Privacy Commissioner, Timothy Pilgrim 15 December 2011


11 January 2012

“ANZ are continuing to keep me informed about their progress in investigating and resolving this matter. I am pleased to see that they promptly sought to notify affected customers and put in place steps to reduce any potential impacts on those customers. All organisations are encouraged to let us know if an incident like this occurs so that we can work with them to help them improve their practices.

In 2011 we saw an increased number of companies affected by data breaches, some caused by malicious cyber-attacks others by human error. Incidents like these can have a significant impact on the trust consumers have in companies who appear not to have the appropriate level of protection in place for the personal information they hold.

Organisations should think very carefully about how their systems will impact on the privacy of their customers. They can do this by undertaking privacy impact assessments when considering implementing new systems or undertaking system upgrades. Privacy considerations should be built in early in the design of new systems and not left as an afterthought at the end of the process as this can often lead to substandard protections being in place.”

Back to Contents

Statement from Australian Privacy Commissioner, Timothy Pilgrim

15 December 2011

ANZ have notified me of the incident providing me with details of what happened and, importantly, what they have done to fix the problem.

ANZ will keep me informed of their progress and give me a full report once they have concluded their investigation. I will then decide if I need to take any further action.”

Back to Contents