Former OCBC Assistant VP Jailed for Unauthorized Access to Data of 400 Customers
SINGAPORE: Au Jia Hao, a former assistant vice president at OCBC Bank, was sentenced to 10 weeks in jail on Friday, January 3rd, for accessing the personal information of 396 bank customers without authorization. Au, 39, pleaded guilty to a charge under the Computer Misuse Act.
Au’s Role and Unauthorized Access
Au began working at OCBC’s global commercial banking division on October 12, 2022, where he was responsible for sales support, customer issue resolution, and portfolio analysis. Despite being trained in the Silverlake Integrated Banking System’s acceptable use policy and understanding the importance of customer data privacy, Au accessed the information of 396 bank customers for over eight months, starting from November 8, 2022, until July 31, 2023.
The Profiles Accessed
During this period, Au looked up profiles of various individuals, including local politicians, public figures, influencers, colleagues, friends, and family members. The information he accessed ranged from National Registration Identity Card (NRIC) numbers, dates of birth, addresses, contact numbers, bank account balances, to education and employment histories.
Discovery and Consequences
OCBC’s risk and prevention department flagged Au’s unauthorized access on August 16, 2023, after he viewed a senior bank employee’s profile. Following this discovery, Au admitted to his actions when confronted by his superior, leading to his termination on September 7, 2023, and a subsequent police report by OCBC.
Prosecution and Defense Arguments
During the court proceedings, Deputy Public Prosecutor Colin Ng sought 12 to 16 weeks’ imprisonment, emphasizing the potential harm of Au’s actions and his persistent offending behavior. On the other hand, defense lawyer Kalidass Murugaiyan argued for a lighter sentence of four weeks, citing Au’s lack of intent to disseminate the customer data, his mental health issues, and volunteer work with the Singapore Red Cross.
Sentencing and Judge’s Remarks
Ultimately, District Judge Wong Peck sentenced Au to 10 weeks in jail, highlighting the severity of his breach of trust as an OCBC employee. The judge emphasized the importance of upholding data privacy laws and the consequences of unauthorized access to computer data.
In conclusion, Au’s case serves as a stark reminder of the repercussions of misusing confidential information. It underscores the significance of ethical conduct in handling sensitive data and the legal consequences individuals face when violating privacy regulations. Let this case be a cautionary tale for all professionals entrusted with safeguarding personal information to uphold the highest standards of integrity and respect for privacy.