[ad_1]
Absa has suffered a data breach that affects several of its clients, exposing their personal information to third parties.
The bank sent an email to affected customers on Monday, November 30, warning them that their personal information had been shared with third parties.
“We regret to notify you that Absa has identified an isolated internal data breach whereby the personal information of a limited number of Absa customers was shared with parties outside the bank,” Absa told clients.
“Unfortunately, some of your personal information was part of this data which included your identity number, contact details, address and account numbers.”
“Absa takes the protection of personal data very seriously and has taken proactive steps to address the potential risk to our customers,” said Absa.
The bank confirmed that the following personal information was exposed to third parties:
- Identity numbers
- Contact details
- Physical addresses
- Account numbers
Absa did not indicate whether any other customer information has been exposed in the breach, but said it could contact affected customers to validate potentially suspicious transactions in the future.
The exact number of affected clients has not yet been confirmed, but Absa has referred to it as a “small part” of its client base.
“As part of these monitoring measures, you may receive a phone call from us to validate potentially suspicious transactions to ensure greater protection of your interests,” said Absa.
“Please note that we will never ask you to share your ‘safe keys’ (including your online banking PIN or password or the CVV of your one-time card, PIN or password) with us or to approve activities for prevent fraud “.
Stop unauthorized debit orders
Absa said it has implemented measures to prevent and detect unauthorized debit orders on the accounts of affected clients.
“Please be assured that we will contact you if we detect unauthorized debit orders on your account,” said Absa.
“Please note that we will never ask you to approve the revocation of unauthorized debit orders.”
The bank said it was constantly improving its defenses against cybercrime and, as a result of this incident, has further refined its protection controls and processes.
Employees leaked customer data – Absa
Absa told MyBroadband that the data was exposed due to the actions of an employee who acted illegally.
“Absa notes that an employee has illegally made selected customer data available to a small number of external parties,” Absa said.
“The leaked data refers to a small portion of Absa South Africa’s customer base to date, although investigations continue.”
Absa said that upon discovering the infringement, he obtained orders from the High Court that allowed search and seizure operations at various facilities and secured all devices containing the data.
“The data on these devices was subsequently destroyed,” Absa said.
Absa has filed criminal charges against the employee and said the necessary consequence management has been carried out internally.
“Absa can take further action in relation to the recipients of the data once the full extent of the leak is identified and all investigations are completed,” Absa said.
“Absa has implemented additional control measures to minimize the risk of it happening again in the future.”
Now read: What’s next in security? In conversation with Thabiso Hlatshwayo
[ad_2]
