CBA’s Indonesian arm hit by cyber breach

CBA Cyber Attack

The Commonwealth Bank of Australia’s (CBA’s) Indonesian subsidiary, PT Bank Commonwealth (PTBC), has reportedly been the target of a cyber-attack.

CBA reported the breach to the Australian Securities Exchange (ASX) just after midday today, stating it was the result of “unauthorised access of a web-based software application used for project management”.

CBA confirmed that PT Bank’s services are continuing to operate as normal, with the parent bank noting that its own systems remain “segregated” from that of its Indonesian arm.

The bank, Australia’s biggest, said it was “working closely with PTBC and supporting their efforts in this matter”.

Cyber-attacks targeting Australian firms, and particularly financial services entities, have grown markedly over the last year.

Australia’s Notifiable Data Breach (NBD) scheme recorded a 26 per cent jump in breach notifications made by Australian organisations in the six months to December 2022.

The financial services industry alone reported 68 separate breaches (up from 52 in the previous six months) in the last reporting period, with more than two out of three breaches the result of malicious or criminal actors.