Absa suffered a major data leak in South Africa and even though the breach did not occur at the bank itself, the data leak still raises security questions concern the safety of client’s money.
Absa is new in Tanzania, the newest big player in the banking industry and has invested a great deal in creating a positive image. However, earlier this month, that image was gravely tainted after an Absa employee allegedly leaked some of the bank’s customer data.
The incident occurred in the bank’s South African main branch where it is reported that the said employee provided customer information to unknown third party interests. The leaked customer info included client ID numbers, bank account numbers, credit card numbers and even mobile phone numbers.
The information that was leaked includes names and surnames, identity numbers and physical addresses, the bank admits.
Further still it also admitted other leaked data includes bank account numbers, credit card numbers, mobile contact numbers, and even vehicle details.
In its defence, the bank claimed that the information that was leaked did not include passwords or Pin codes. However, Absa could not help but share its own concerns that ‘…it is worried fraudsters could still try and take advantage of the situation.’
Quoted by TechCentral Absa admitted that its employee did in fact “…unlawfully made selected customer data available to a small number of external parties.”
And that “…the leaked data relates to a small portion of Absa South Africa’s customer base, although investigations continue.”
After the bank became aware of the leak, it went ahead and laid criminal charges against the suspected employee. Absa also went ahead and secured High Court orders to conduct search-and-seizure operations at various undisclosed locations that facilitated the recovery of all devices containing the leaked data.
The bank says investigations are still underway and at the moment it does not know how many of its clients were affected in the leak.
“So we would not want to provide a definitive number at this stage. What we can confirm is that, so far, only a fraction of Absa’s customers in South Africa have been affected by the leak,” Absa admitted in the media interview with TechCentral.
All security has been intensified – ABSA
Absa went ahead and reassured its customers that it has enhanced security across all its branches in all countries.
However it has more specifically increased monitoring of affected clients’ accounts, in case of any ‘unusual activities’ but the bank still maintains that “…the (leaked) data alone does not give third parties direct access to the money in customers’ accounts.”
Absa data leak: Background
The data leak incident occurred late last year when the personal details of reportedly some 24 million South Africans, and nearly 800,000 businesses, were stolen by a fraudster.
The information was not stolen directly from Absa but rather from a credit bureau called Experian. The credit bureau collects credit information about consumers from banks, retailers, and other parties.
In its explanation, Experian said the information was handed over to the fraudster because the said individual posed as a legitimate client.
Absa provides personal and business banking services and also provides wealth management services. Absa has a presence across 12 countries on the continent and has in excess of some 42,000 employees.