African Bank warns of data breach
JOHANNESBURG – African Bank has confirmed that one of its appointed professional debt recovery partners, DebtIN, was targeted by cybercriminals in April 2021.
At the time, expert security advice concluded that there was no evidence that the ransomware attack had resulted in a data breach – however, DebtIN is now aware that the personal data of certain customers, including a number of African Bank Loan customers under debt review, has been compromised.
Confident
The bank said that DebtIN is confident that no data shared post April 1, 2021 has been compromised.
“A robust mitigation plan has been implemented by DebtIN to contain and reduce any further adverse impact,” it said. “We have been collaborating with DebtIN to address this breach. We have notified the relevant regulatory authorities and we are also in the process of alerting customers who have been affected, via email and SMS.”
Security
As an additional precautionary step, African Bank’s fraud prevention team has enhanced security measures to protect all customers.
“If you detect any suspicious activity, or feel that your information has been compromised, you can apply for a free Protective Registration listing with the Southern African Fraud Prevention Services (SAFPS),” the bank said.
“This will alert banks and credit providers that an identity has been compromised. You can apply by emailing protection@safps.org.za.”
African Bank customers can call 0861 111 011 if they suspect any fraudulent activity on their accounts. The breach is the latest in a line of highprofile data breaches and cyber attacks to hit South Africa this year.
The Hawks last week (September 15) arrested a 36yearold suspect in Gauteng following an investigation into the data breach at Experian in August 2020.
South African Banking Risk Information Centre (SABRIC) announced that Experian, a consumer credit reporting company, had experienced a data breach, exposing the personal details of millions of consumers in South Africa.