PayID breach touches 3% of NPP

Ian Rogers Payments, mobile & wallets

Around 90,000 customers across the banking industry have been affected by a privacy breach more than a week ago that compromised of PayID records on the New Payments Platform.

Cuscal yesterday, said “fewer than 92,000 customers, or about 3 per cent of those registered for the PayID system, were affected,” The Australian reports.

As of April, around 2.8 million PayIDs had been registered, NPP Australia said last month, making more than 55 million Australian bank accounts accessible via the NPP.

NPP Australia and Cuscal issued statements on the breach on Wednesday last week regarding an incident known around the industry on Friday 16 August.

NPP Australia said then that a number of PayID records and associated data in the Addressing Service were exposed by a vulnerability in one of the financial institutions sponsored into the NPP by Cuscal Limited.

Cuscal has said “the client-side technical issues underlying the exposure were identified and resolved immediately”.

Banks and credit unions have begun contacting affected customers.