DATA BREACH FEARS SURFACE AS RHB BANK
ADMITS ERROR IN
E-STATEMENTS ISSUANCE
Customers say they received other people’s bank account documents,
could open it with their own password
June 17, 2021
Questions are being raised on whether there has been a data breach involving a
major bank in Malaysia
In an email to its customers yesterday evening, RHB Banking Group said that there
has been an error in e-statements that were sent out the previous night due to a
technical issue.
Yesterday, several users took to social media claiming to have received personal
Issue bank account statements belonging to other customers.
More concerning, they claimed they were able to access the e-statements using their
own passwords, which, by default, is the users’ date of birth in numerals.
Among the personal data that can be obtained from the statement include the
customer’s full name, home address, transaction history, salary amount deposited
and account number.
He also stated even if the e-statement had been
Apologising for the error, the bank urged
emailed out wrongly, it is most likely to only reach
users to refrain from opening the statement
the hands of a fellow RHB customer and as long as
and to immediately delete the email.
they don’t know customer's bank account password,
It added that a new e-statement will be re-
there is not much to be worried about.
sent to patrons as soon as possible upon
Solution to The only worry is that those with ill-intentions may
appropriate validation being completed.
use details, such as home addresses, to commit a
RHB Group said they are investigating the the issue
crime like robbery and break-ins, if the person is
matter, while simultaneously rectifying the
wealthy.
error that had occurred.
Other than that, he didn’t see any problems arising.
A data engineer, Alvin Teoh said the
There may be concerns on scams, but scammers
compromised data are unlikely to cause any
can’t do anything much if they only have details of
major problems to account holders.
just a single person.
In the contract between banker and customer, it is one of the duties of a bank to send bank statements
to the customers.
It shows the number and debit and credit entries in a customer's account.
There is an implied agreement between the bank and its customer that the bank will deliver
statements of accounts to customers.
This provides opportunity for the customers to verify the balance of his account with the bank.
Bank Where the discrepancies exist, the bank contends that the customer is liable and has the duty to
scrutinize or check his bank statements and to inform the bank about the discrepancies.
Statement It was held that in the absence of any express agreement between the banker and his customer, there
is no duty on the part of a customer to check his bank statements.
Bank cannot force every customer to check his or her bank statement.
Now, customer can check their bank transactions using internet banking such as RHB online banking,
Maybank2U and CIMB click.
Bank logo,
name and Beginning and
address ending balance
information of account
Account holder Summary of
information
What contains in the deposits and
bank statement? withdrawals
Statement Bank contact
date information
Conclusion
It is one of the bank duties to send bank statement usually monthly basis to the
customer eventhough they can check their transaction themselves using internet
banking. However, bank must ensure that the security of the internet banking is
secure so that the customers banking and personal information is safe.
So, it can minimize the chance for scammer to take action and prevent data
breaching as it could create a huge problem such as losing money , leaking of
confidential information and corruption of databases.
