SA banks say latest Debt-IN data breach could have exposed customer data

More than 1.4 million South Africans’ data was illegally accessed from its servers in April this year but the data breach only came to light last week. Photo: EPA/RITCHIE B. TONGO

More than 1.4 million South Africans’ data was illegally accessed from its servers in April this year but the data breach only came to light last week. Photo: EPA/RITCHIE B. TONGO

Published Sep 23, 2021

Share

SEVERAL South African banks have come forward to indicate that their customers’ data may have been exposed in the latest massive cyber attack in the South African financial services industry.

This comes after debt collector, Debt-IN Consultants, yesterday announced that a ransomware attack by cyber criminals had resulted in a significant data breach of consumer and employee personal information.

Debt-IN said data of more than 1.4 million South Africans was illegally accessed from its servers in April this year but the data breach only came to light last week. Confidential consumer data and voice recordings of calls between Debt-IN debt recovery agents and financial services customers have been posted on the dark web.

Debt-IN chief executive Mark Essey said they deeply regretted this cyber attack, and “we apologise unreservedly for the inconvenience and anxiety it has caused”.

“We reiterate that we view this attack as the act of malicious cyber criminals,” Essey said. “From the time this data breach was detected, our guiding principle has been to put our clients first, and we will continue to do so.”

African Bank was the first financial institution to confirm that some of its customers data may have been part of the breach. The bank’s chief risk officer Piet Swanepoel said they had been collaborating with Debt-IN to address this breach. “We have notified the relevant regulatory authorities and we are also in the process of alerting customers who have been affected, via email and SMS.”

As an additional precautionary step, African Bank said its fraud prevention team had enhanced security measures to protect all its customers.

Meanwhile, FNB also said it took the protection of customer information and privacy very seriously.

“As a result, we are communicating directly to customers whose information may have been exposed,” it said.

“Furthermore, we are exercising our legislative obligations in line with data privacy and protection guidelines.”

Absa said the Debt-IN breach affected only a “small portion” of its customer data and voice recordings. An Absa spokesperson said the bank was working closely with the third party to investigate the cause of the breach and to prevent any further data being exposed.

“Furthermore, the bank has taken additional precautions and heightened monitoring of these customer accounts,” she said. “Specifically, all Absa’s customer information from the service provider has been recalled and all data transfers have been suspended with immediate effect.

“An independent review of the service provider’s IT environment has also been initiated. Absa will notify impacted customers directly.”

Standard Bank and Nedbank had failed to respond to BR queries by the time of going to print.

Cybercrime in South Africa seems to be on a rise following recent cyber attacks, including on Transnet systems.

Earlier this month, hackers breached the Department of Justice and Constitutional Development’s systems and encrypted all of its backups before demanding a R33 million ransom to be paid in 50 bitcoin.Last week, the Hawks arrested a 36-year-old man in connection with one of South Africa’s biggest data breaches at credit bureau Experian.

[email protected]

BUSINESS REPORT