Cape Times

SA banks say latest Debt-IN data breach could have exposed customer data


SEVERAL South African banks have come forward to indicate that their customers’ data may have been exposed in the latest massive cyberattac­k in the South African financial services industry.

This comes after debt collector, Debt-IN Consultant­s, yesterday announced that a ransomware attack by cybercrimi­nals had resulted in a significan­t data breach of consumer and employee personal informatio­n.

Debt-IN said data of more than 1.4 million South Africans was illegally accessed from its servers in April this year but the data breach only came to light last week. Confidenti­al consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers have been posted on the dark web.

Debt-IN chief executive Mark Essey said they deeply regretted this cyberattac­k, and “we apologise unreserved­ly for the inconvenie­nce and anxiety it has caused”.

“We reiterate that we view this attack as the act of malicious cybercrimi­nals,” Essey said. “From the time this data breach was detected, our guiding principle has been to put our clients first, and we will continue to do so.”

African Bank was the first financial institutio­n to confirm that some of its customers data may have been part of the breach. The bank’s chief risk officer Piet Swanepoel said they had been collaborat­ing with Debt-IN to address this breach. “We have notified the relevant regulatory authoritie­s and we are also in the process of alerting customers who have been affected, via email and SMS.”

As an additional precaution­ary step, African Bank said its fraud prevention team had enhanced security measures to protect all its customers.

Meanwhile, FNB also said it took the protection of customer informatio­n and privacy very seriously.

“As a result, we are communicat­ing directly to customers whose informatio­n may have been exposed,” it said.

“Furthermor­e, we are exercising our legislativ­e obligation­s in line with data privacy and protection guidelines.”

Absa said the Debt-IN breach affected only a “small portion” of its customer data and voice recordings. An Absa spokespers­on said the bank was working closely with the third party to investigat­e the cause of the breach and to prevent any further data being exposed.

“Furthermor­e, the bank has taken additional precaution­s and heightened monitoring of these customer accounts,” she said. “Specifical­ly, all Absa’s customer informatio­n from the service provider has been recalled and all data transfers have been suspended with immediate effect.

“An independen­t review of the service provider’s IT environmen­t has also been initiated. Absa will notify impacted customers directly.”

Standard Bank and Nedbank had failed to respond to BR queries by the time of going to print.

Cybercrime in South Africa seems to be on a rise following recent cyberattac­ks, including on Transnet systems.

Earlier this month, hackers breached the Department of Justice and Constituti­onal Developmen­t’s systems and encrypted all of its backups before demanding a R33 million ransom to be paid in 50 bitcoin.Last week, the Hawks arrested a 36-year-old man in connection with one of South Africa’s biggest data breaches at credit bureau Experian.

Newspapers in English

Newspapers from South Africa