CIMB Bank Berhad has refuted allegations that there was a security flaw
UPDATE: CIMB has issued an official statement on the security concerns.
It appears that several CIMB Clicks users have reported unauthorisedtransactions from their bank accounts over the weekend. While it isn’t clear if this is a security breach, CIMB had suddenly implemented Google’s reCAPTCHA service on their online banking portal’s login page.
On Facebook, a couple of users have reported missing funds with repeated transactions via Paypal. In the examples below, the unauthorised transactions were charged via debit card. Interestingly, one of the alleged victim claimed that he had never created a paypal account before.
CIMB said its online banking portal, CIMBClicks, remains secure and all customers’ transactions continue to be protected.
“The bank would like to inform that it had, over the weekend, introduced a few additional measures to enhance the security of its CIMBClicks transactions.
“Apart from ensuring that the system is now able to accommodate passwords longer than eight characters and up to 20 characters, we have also added the reCaptcha security measure on CIMBClicks to ensure the user is not a bot,” it said in a statement on Monday (Dec 17).
Over the weekend, purported issues with CIMB’s online banking portal went viral after social media users claimed that funds from their online banking accounts had been transferred out to online payment site PayPal.
Users had also alleged that their passwords were opened for hacking.