Cybersecurity experts have warned of potential vulnerabilities, after an investigation found nearly 100 logins at Australia’s Big Four banks have been snatched from employee devices. They say this could expose those businesses to a higher risk of ransomware attacks and data theft and, in a worst-case scenario, could give hackers a way into the banks’ internal corporate networks. Yowza.
It comes days after a separate investigation revealed over 31,000 passwords from the Big Four banks have been compromised and shared with cyber criminals online. The root cause? Infostealer malware on customers’ personal devices, which as the name suggests, sources valuable data and sends it to cyber criminals.
As reported by ABC News on Thursday, cyber intelligence researchers have now found nearly a hundred bank employee credentials to be compromised. These were stolen using infostealer malware on employee devices, and have since been given away or sold on Telegram, the dark web, or both.
The researchers found dozens of compromised staff credentials at Commonwealth Bank and ANZ, while the figure stood at five or less at NAB and Westpac.
In total, there are “around 100 compromised employees that are related to those four banks,” Leonid Rozenberg, analyst at cyber intelligence firm Hudson Rock, told the publication.
Although all four banks have security measures in place to block the misuse of stolen credentials, in a worst-case scenario, these logins could serve as an entry point for hackers into the banks’ networks.
“This is like the open gate,” said Rozenberg as he warned that a hacker, once inside the system, could cause extensive damage like installing ransomware and stealing significant volumes of customer data.
The almost 100 credentials identified by Hudson Rock — belonging to either current or former staff and contractors — were stolen between 2021 and April 2025.
As reported by ABC News, the malware overwhelmingly targets computers running on Windows, and can allow a wide range of data to be captured. This could include browser data like autofill details and user history and other credit card details or local files.
Hudson Rock also found stolen log-ins belonging to third-party businesses used by the banks, observing cybercriminals are “targeting the services that [banks are] using externally”.
This included over 100 leaked third-party credentials for ANZ, over 70 for NAB, 40 for Commonwealth Bank, and 30 for Westpac.
“[Attackers] also know that if they get inside the JIRA, or Salesforce, or Slack, the communication system that is widely used by different companies … they can get a lot of sensitive information,” Rozenberg said, per ABC News.
A 2024 report from the Australian Signals Directorate (ASD) echoed these warnings, explaining cybercriminals are actively buying stolen login details to get into corporate systems.
It said it has identified corporate network breaches that originated in employees accessing work resources from compromised personal devices, although it did not name specific businesses.
“In multiple instances, cybercriminals gained initial access to corporate networks by using stolen valid user credentials. Our investigations showed that extensive compromises usually occurred after cybercriminals had successfully accessed privileged user accounts,” the report stated.
So, what can you do to protect the dosh? According to cybersecurity experts and guidance from the Australian Cyber Security Centre (ACSC), some of the best ways to boost your device security include: avoiding reused passwords across different sites, enabling multi-factor authentication (MFA) where possible, regularly scanning your device for malware, and regularly updating your operating system and applications to patch vulnerabilities.
Safe online surfing, y’all.
The post Almost 100 Staff Logins At Australia’s Big Four Banks Stolen By Cybercriminals appeared first on PEDESTRIAN.TV .
