If that's indeed the contract, but it appears this article is decrying the fact that it's not part of the contract to protect you from your misuse of private information. I don't think it's reasonable to assume such a burden of responsibility if not explicitly agreed upon.
On the other hand, it's basically impossible to negotiate fair terms with a bank because it's almost impossible to survive without a bank account, doing so carries extraordinary costs, and bank customers have basically zero leverage. You can argue that the bank's unilateral terms don't support a moral claim, but it doesn't invalidate the morality of the claim, only the legality.
