Westpac cans cards as AFP investigates breaches

Westpac has this week confirmed that it has canned the cards of an undisclosed number of customers following a fresh merchant data breach. The breach comes as the Australian Federal Police (AFP) opens a new investigation into recent merchant data compromises.

Westpac told ZDNet Australia this week that merchant data breaches are now business as usual for the bank's fraud team.

"I can say that this is business as usual for our fraud team," the bank said in a statement when confirming the breach.

"From time to time, Westpac experiences fraud compromises that will require the bank to reissue cards to customers," the bank added.

The latest move to cancel compromised cards has come as the AFP announces a new investigation into a series of merchants whose internal systems were recently penetrated, putting card data at risk.

The AFP said in a statement today that the new investigation was sparked by a referral from an unnamed financial institution.

"The AFP has identified the cause of the data compromise and an active investigation into the matter is continuing.

"The AFP has been working closely with the financial services industry to mitigate any potential effects [of a breach]," the AFP said today.

The matter was referred to the AFP in June and the AFP has refused to comment further on the matter.

The last major data breach at the merchant level came in May, which resulted in the Commonwealth Bank cancelling more than 8000 customer cards. Westpac also cancelled a number of cards at the time, while ANZ Bank and the National Australia Bank chose to monitor accounts at risk rather than cancel cards outright.