ORIGINAL STORY (4:24 PM): Customers of RHB Banking Group have reported that the bank has sent them an e-Statement that does not belong to them but still can be accessed using their own password. The bank also has since sent a follow-up email advising them not to open the statement, according to the affected customers. For the benefit of those who are not familiar with the RHB e-Statement, it is usually sent on a monthly basis via email and comes in the form of a PDF file that is protected by the customers’ date of birth as its default password. Aside from the transaction details, the document also contains the customer’s name, address, and account number. So, consider this scenario: Ali, who was born on 1 January 1970 received this month’s e-Statement from RHB through email. He then proceeds to open the PDF attachment as per usual, using 01011970 as the password but then he found to his utter astonishment that the contents inside the document belonged to another RHB’s customer named Abu. As mentioned earlier, RHB then subsequently sent an email to acknowledge the error which was apparently caused by “a technical issue” although the bank didn’t clarify further about it in the email. Right now, it is not known how many customers have actually been affected by this glitch, as the bank has yet to release any official statement regarding the matter aside from this particular email.

We are now reaching out to RHB for further clarification and will keep you updated once we receive a response from the bank. So, stay tuned. (Source: The Vibes, Lowyat.NET Forums. Image: Chongkian / Wikimedia Commons, used under Creative Commons license, RHB Group / Facebook, The Vibes.) UPDATE (10:56 PM): While RHB has not responded directly to us, the bank has apparently addressed the issue to a handful of media outlets with official remarks from its Group Managing Director and Group CEO, Khairussaleh Ramli. According to Khairussaleh, the e-Statement issue was discovered on 17 June and was caused by “a technical issue on the side of its external service partner,”. He further revealed that less than 0.5% of RHB’s total retail customer base in Malaysia were affected by this error. All affected customers have been notified via email and SMS although investigation still going on to find the exact cause behind the incident.  Despite the remark by Khairussaleh to these media outlets, RHB has yet to directly address this issue through its public communication channels such as its website, Facebook, or Twitter at the time this update is published. (Source: The Edge, Bernama. Image: RHB Banking Group.)

RHB Sends Wrong E Statement To Customers  Triggers Privacy and Security Concerns  UPDATED  - 95RHB Sends Wrong E Statement To Customers  Triggers Privacy and Security Concerns  UPDATED  - 94RHB Sends Wrong E Statement To Customers  Triggers Privacy and Security Concerns  UPDATED  - 18