Tech Talk

5 questions you should ask CIMB regarding CIMBClicks security

Today’s hot piece of news has nothing to do with a punch hole display smartphone. Nor a cup of Maggi Hot Cup noodles. Nonetheless, it is hot in more ways than one. In case you missed it, some CIMB customers have reported unauthorised transactions from their bank accounts over the weekend, with funds transferred out to different PayPal accounts. CIMB, however, denies of any security breach and states that its online banking system “remains secure and all customers’ transactions continue to be protected.”

The bank quietly implemented Google reCAPTCHA authentication on its online banking portal’s login page over the weekend, as well as implemented support for longer passwords (from eight characters to up to 20 characters).

The bank’s move to introduce these steps were deemed as precautionary measures. Did certain parties exploit a security hole and gain access to customer and login details? If not, how have some customers lost funds from their accounts? This remains unexplained.

As a CIMB customer, here are five questions you should be asking CIMB:

  1. Why did the bank not inform customers beforehand about the implementation of reCAPTCHA?
  2. Why did the bank not inform customers about longer password support before it was implemented?
  3. Why did the bank not do a global reset of all passwords, forcing users to reset passwords, as an immediate precautionary measure?
  4. How do you explain that some customers have been victim of theft from their online accounts and why is there no mention of investigation over this matter?
  5. Why does the system allow for additional characters in a login password and why aren’t all password requirements standardised across the board?

Here’s what you can do to ensure your online banking experience is secure:

  • Always use a secure password of 8 characters or more. Please do not use passwords like “abcd1234.” Use combination of letters, numbers and special characters i.e. “A2b3#c4!”
  • Change your password regularly.
  • Never disclose your password and TAC to anyone.

And here are even more useful tips.

If you see any suspicious activity in your account, call CIMB immediately at 03-62047788, or email them at

Header image: Alex Wong | SoyaCincau

Latest news

Subscribe to Vernonchan.comNever miss a story, read stories on Feedly and Medium

By Vernon

Vernon is the founder and chief editor of A graphic designer by profession, he has a deep love for technology, cars, gadgets, food, and travel. He tweets too much and is also known as a caffeine bacterium ("life's too short for bad coffee"). Bleeds Blue (go Chelsea FC!) and considers BMW, Porsche, Alfa Romeo cars to have in the garage--for true petrolheads, that is.