HQ/EMEAFind out how we can help your business
A massive bank login details leak has exposed the personal banking credentials of over 31,000 Australians, with stolen information now circulating across dark web forums and messaging platform Telegram. Cybersecurity experts have linked the breach not to the banks themselves but to malware infections on users’ devices.
Among the affected institutions, the Commonwealth Bank saw the highest number of compromised accounts at around 14,000. ANZ followed with 7,000, NAB with 5,000, and Westpac with 4,000. According to experts, the login data was harvested through malware known as “infostealers,” which quietly infect users’ phones or computers and collect sensitive data.
Unlike high-profile bank hacks, this bank login details leak stems from infections on individual devices rather than vulnerabilities within the banks’ systems.
The Australian Banking Association (ABA) confirmed this, noting that banks continue to invest heavily in cybersecurity but cannot prevent malware from targeting customers directly.
Infostealer malware is particularly dangerous because it works silently, collecting not just banking usernames and passwords but also credit card numbers, cryptocurrency wallet details, and browser data like cookies and autofill forms. Some cybercriminals are even offering the stolen credentials for free to attract buyers, while others sell access to infected devices, up to 200,000 at a time, for as little as $600.
The researchers explained that many of these breaches go unreported because they are difficult to trace and often happen without warning. They found that even devices infected as far back as four years ago still generated usable data, which was successfully used in simulated attacks against ASX-listed companies.
Banks have urged customers to remain vigilant. “If a bank becomes aware that a customer’s credentials may have been compromised, they take steps to secure the account and advise on how to prevent further risk,” said ABA CEO Anna Bligh.
Commonwealth Bank reassured customers that it uses advanced monitoring systems to detect suspicious activity and adapt in real-time to new threats. Meanwhile, customers are advised to protect themselves by using strong, unique passwords, regularly updating antivirus software, and enabling transaction alerts.
As the bank login details leak continues to pose a threat, cybersecurity professionals warn that users must take responsibility for securing their own devices. The long-term consequences of leaked data can be severe, even years after the initial infection.
