The latest hack is the largest financial hack of its kind in Australia and is thought to be linked to a hacker who had access to the bank account of a senior employee.
A spokesman for the Australian Securities and Investments Commission (ASIC) said it was investigating whether the incident was a security breach.
The bank, which has a staff of about 70, said the breach involved the theft of the bank’s “verified” login credentials for accounts with a user name of “sarah”.
“The bank has confirmed that one of its customer accounts had been accessed, and that the information had been transferred to a third party,” the spokesman said.
The account had been compromised because it had been stored on a cloud storage service, he said.
The breach was first reported on Tuesday.
Twitter did not immediately respond to a request for comment.
Australian Financial Review is seeking more information from the bank about how the breach occurred.
According to the report, the hacker also stole $US3.3 million from the account.
In a statement, Twitter said the hack occurred after the bank failed to act in time to block access to some user accounts, including some with names such as Sarah, Sarah, and Sarah.
“Our investigation has revealed that the account holders were identified through our own internal investigation,” the statement said.
Twitter said it has been in contact with the bank and is working with the authorities.
Earlier this month, Twitter suspended accounts belonging to its top executives.
Twitter’s top executives are thought to have access to sensitive customer data.