Westpac
Company Details
Linkedin ID:
westpac
Website:
Employees number:
15,589
Number of followers:
305,255
NAICS:
52211
Industry Type:
Homepage:
westpac.com.au
IP Addresses:
0
Company ID:
WES_1976643
Scan Status:
In-progress
Westpac Company CyberSecurity Posture
westpac.com.au
From rescue helicopters and signing the Equator Principles, to paying super during parental leave and initiatives like Westpac SaferPay and SafeCall to protect customers from scams... we have a proud history of stepping up to be first for our customers, communities and people. We are Australia’s oldest bank and first company and have been supporting customers for over 200 years. Our purpose is creating better futures together – it’s what we do, who we are and why we come to work every day. With this purpose in mind, we’ve set ourselves a bold ambition - to be our customers’ #1 bank and partner through life. Through our unique portfolio of brands comprising Westpac, St.George, Bank of Melbourne, BankSA, BT and RAMS, we’re focused on meeting the financial services needs of our 13 million customers. When you join Westpac Group, you’ll be empowered to make a difference, constructively challenge and create a future worth striving for. But best of all you’ll be joining a whole organisation of people who love working together to help others create their best future. Westpac Group acknowledges the traditional owners as the custodians of this land, recognising their connection to land, waters and community. We pay our respects to Australia's First Peoples, and to their Elders, past, present and future. Westpac Banking Corporation ABN 33 007 457 141. AFSL and Australian credit licence 233714.
Westpac A.I CyberSecurity Scoring
Westpac Risk Score (AI oriented)Between 750 and 799
Westpac
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Westpac Global Score (TPRM)XXXX
Westpac
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Westpac Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Westpac
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The cyber attack on the real-time payments platform of Westpac's exposed private details of almost 100,000 Australian bank customers. The attack on Westpac has prompted a warning from computer security experts who say that the pilfered data could be used for fraud. Experts say that with access to these details, fraud could be committed on a mass scale. The bank confirmed the incident late on Monday but did not say how many Australians had been affected."
Westpac Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Westpac
Incidents vs Banking Industry Average (This Year)
No incidents recorded for Westpac in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Westpac in 2025.
Incident Types Westpac vs Banking Industry Avg (This Year)
No incidents recorded for Westpac in 2025.
Incident History — Westpac (X = Date, Y = Severity)
Westpac cyber incidents detection timeline including parent company and subsidiaries
Westpac Company Subsidiaries
From rescue helicopters and signing the Equator Principles, to paying super during parental leave and initiatives like Westpac SaferPay and SafeCall to protect customers from scams... we have a proud history of stepping up to be first for our customers, communities and people. We are Australia’s oldest bank and first company and have been supporting customers for over 200 years. Our purpose is creating better futures together – it’s what we do, who we are and why we come to work every day. With this purpose in mind, we’ve set ourselves a bold ambition - to be our customers’ #1 bank and partner through life. Through our unique portfolio of brands comprising Westpac, St.George, Bank of Melbourne, BankSA, BT and RAMS, we’re focused on meeting the financial services needs of our 13 million customers. When you join Westpac Group, you’ll be empowered to make a difference, constructively challenge and create a future worth striving for. But best of all you’ll be joining a whole organisation of people who love working together to help others create their best future. Westpac Group acknowledges the traditional owners as the custodians of this land, recognising their connection to land, waters and community. We pay our respects to Australia's First Peoples, and to their Elders, past, present and future. Westpac Banking Corporation ABN 33 007 457 141. AFSL and Australian credit licence 233714.
Loading...
Westpac Similar Companies
BBVA
At BBVA we are leading the transformation of banking worldwide, united in pursuing our goal of bringing the age of opportunity to everyone. Firmly focused on the future, our on-going digital transformation is already producing disruptive innovations that power our vision of banking. Every one of o
Bank Mega
Perjalanan Bank Mega berawal pada tahun 1969, dengan nama PT Bank Karman di Surabaya. Kemudian bertransformasi menjadi Mega Bank pada tahun 1992, dan berpindah lokasi ke Jakarta. Pada tahun 1996, Chairul Tanjung dengan PARA GROUP, yang kini dikenal dengan CT Corpora, mengambil alih dan membuat gebra
CIBC is here to help all our clients reach their goals. We know the importance of reliable financial products and services, and we’re dedicated to providing them in a way that lets you bank however you want, whenever you want. With innovative tools designed around your priorities and a team ful
Banco Bradesco
O Bradesco é um dos líderes do setor financeiro privado e um dos maiores empregadores na categoria. Além disso, apresenta o melhor índice de eficiência entre os bancos de varejo. Nossa missão é fornecer soluções, produtos e serviços financeiros e de seguros com agilidade e competência, principal
Türkiye İş Bankası
In the nearly 100 years since its founding by the Great Leader Mustafa Kemal Atatürk on August 26, 1924, İşbank has undertaken various roles and made significant contributions to the development of our country in many fields, especially in industry and trade. İşbank offers products and services to
Crédit Agricole Personal Finance & Mobility
A major consumer credit provider in Europe, Crédit Agricole Consumer Finance operates in 19 countries. Its 9,900 employees support customers by providing the financing they need to undertake their projects. Reflecting the essential social and economic role of consumer credit, Crédit Agricole Consu
La Banque Postale
La Banque Postale is a ‘bank like no other’ driven by the post office values of local presence and service. As heir to La Poste Financial Services, it is the only bank to have been tasked with a mission to provide access to banking services under the law introduced to modernise the French economy
Utkarsh Small Finance Bank
Utkarsh Small Finance Bank Limited (USFBL), incorporated on April 30, 2016, is engaged in providing banking and financial services with a focus on the underserved and unserved sections of the country. The Bank’s lending activities are primarily focussed in rural and semi-urban locations of the count
Societe Generale is one of the leading European financial services groups. Based on a diversified and integrated banking model, the Group combines financial strength and proven expertise in innovation with a strategy of sustainable growth. Committed to the positive transformations of the world’s soc
.png)
Westpac CyberSecurity News
November 24, 2025 12:58 AM
Westpac Share Price Insights: Key ASX 200 Updates Before Market Open
Explore Westpac's FY25 results, dividend details, and market position ahead of ASX trading. Insights on share performance and banking sector...
October 16, 2025 07:00 AM
Hackers using F5 devices to target US gov networks
US government officials said that federal networks are being targeted by an unidentified "nation-state cyber threat actor" that's trying to...
October 14, 2025 07:00 AM
Major banks and government step up cybersecurity collaboration
Industry leaders urge businesses to prioritise cybersecurity basics.
October 13, 2025 07:00 AM
Aussies warned over new $1,500 scam trend as 70,000 'frightening' emails sent out
Scammers are trying to whip people into a frenzy with trusted brands hoping they'll hand over their banking information. Here's an example.
October 13, 2025 07:00 AM
Banks, Government Unite for Cyber Resilience
13.10.2025. Australia's leading banks are continuing their long-standing collaboration with the Australian Government to strengthen the nation's cyber...
August 29, 2025 07:00 AM
Next generation defence: Safer solutions in real time
As money moves faster in the payments system, so do the security tools that keep customers' funds safe. Peta O'Brien, Head of Client...
July 17, 2025 07:00 AM
Project Acacia: Next steps for the future of money
Westpac is ready for action as the RBA and Digital Finance CRC explore new digital forms of money and the potential for a central bank...
July 17, 2025 07:00 AM
Westpac and Australia’s RBA Launch Chainlink-Based Tokenized Asset Settlement Project
Westpac partners with Chainlink and Australia's RBA to launch Project Acacia for blockchain-based tokenized asset settlement.
July 03, 2025 07:00 AM
Westpac Introduces New Scam Detection Technology
Westpac has today announced the introduction of Confirmation of Payee, a new security feature designed to help customers spot a scam and reduce mistaken...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Westpac CyberSecurity History Information
Official Website of Westpac
The official website of Westpac is http://www.westpac.com.au.
Westpac’s AI-Generated Cybersecurity Score
According to Rankiteo, Westpac’s AI-generated cybersecurity score is 767, reflecting their Fair security posture.
How many security badges does Westpac’ have ?
According to Rankiteo, Westpac currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Westpac have SOC 2 Type 1 certification ?
According to Rankiteo, Westpac is not certified under SOC 2 Type 1.
Does Westpac have SOC 2 Type 2 certification ?
According to Rankiteo, Westpac does not hold a SOC 2 Type 2 certification.
Does Westpac comply with GDPR ?
According to Rankiteo, Westpac is not listed as GDPR compliant.
Does Westpac have PCI DSS certification ?
According to Rankiteo, Westpac does not currently maintain PCI DSS compliance.
Does Westpac comply with HIPAA ?
According to Rankiteo, Westpac is not compliant with HIPAA regulations.
Does Westpac have ISO 27001 certification ?
According to Rankiteo,Westpac is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Westpac
Westpac operates primarily in the Banking industry.
Number of Employees at Westpac
Westpac employs approximately 15,589 people worldwide.
Subsidiaries Owned by Westpac
Westpac presently has no subsidiaries across any sectors.
Westpac’s LinkedIn Followers
Westpac’s official LinkedIn profile has approximately 305,255 followers.
NAICS Classification of Westpac
Westpac is classified under the NAICS code 52211, which corresponds to Commercial Banking.
Westpac’s Presence on Crunchbase
No, Westpac does not have a profile on Crunchbase.
Westpac’s Presence on LinkedIn
Yes, Westpac maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/westpac.
Cybersecurity Incidents Involving Westpac
As of December 11, 2025, Rankiteo reports that Westpac has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Westpac has an estimated 6,988 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Westpac ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Incident Details
Can you provide details on each incident ?
Title: Westpac Real-Time Payments Platform Cyber Attack
Description: The cyber attack on the real-time payments platform of Westpac exposed private details of almost 100,000 Australian bank customers.
Date Publicly Disclosed: 2023-10-02
Type: Data Breach
Motivation: Fraud
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach WES224026323
Data Compromised: Private details of bank customers
Systems Affected: Real-time payments platform
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Private details.
Which entities were affected by each incident ?
Incident : Data Breach WES224026323
Entity Name: Westpac
Entity Type: Bank
Industry: Financial Services
Location: Australia
Customers Affected: Almost 100,000
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach WES224026323
Type of Data Compromised: Private details
Number of Records Exposed: Almost 100,000
Sensitivity of Data: High
Additional Questions
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-10-02.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Private details of bank customers.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Private details of bank customers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 100.0K.
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=westpac' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
