The Commonwealth Bank says it didn’t tell 20 million customers that their personal details were the subject of a security breach because they didn’t want to “alarm” them.

In a robust grilling with one of the bank’s honchos, Neil Mitchell described that decision as “patronising”.

Comm Bank honcho: “We decided the most prudent thing to do … was not unduly alarm customers.”

Neil Mitchell: “Patronising.” https://t.co/ycg4mR7GoI

— 3AW Melbourne (@3AW693) May 2, 2018

Neil was also left frustrated when Angus Sullivan, CBA’s acting executive of retail banking services, couldn’t tell him what percentage of customers were affected by the breach.

“I don’t know, mate. I can’t give you that detail,” Mr Sullivan said.

“Justin Langer has just been appointed Australian cricket coach. He should replace David Warner with Angus Sullivan. He has an extremely straight and dead bat.”
– Neil Mitchell

Click PLAY to hear the full exchange

The Commonwealth Bank says it sent customer information to Fuji Xerox to be destroyed in 2016, but some of that information went missing.

The privacy commissioner was informed, but affected customers were never told.

In a statement, the bank says an independent investigation determined the information was most likely destroyed.

Two years on, 19.8 million customer accounts affected by the breach are still being monitored.

The privacy commissioner is now asking the bank for further information about the incident.

The Commonwealth Bank says it is co-operating.