Absa data leak — more customers affected
Absa data leak — more customers affected
Jan Vermeulen24 February 2022
Absa data leak — more customers affected
Your email address
Subscribe
Absa has sent a notice to several new clients found to be affected by a November 2020 data leak, when a former employee gave people’s personal information to a platform that sold it to third parties.
The former Absa staff member behind the leak was a credit analyst who had access to risk modelling systems and sensitive client information.
It is not the first time Absa has identified that more customers were affected by this leak than initially known.
In April 2021, Absa sent an email to more impacted customers. In January 2022, it sent a similar email to another batch of affected clients.
Absa said that the former employee exposed the following personal information to unauthorised third parties:
Identity numbers
Contact details
Physical addresses
Account numbers
The bank sent its latest notification by SMS. It is reproduced in full below.
Absa: As part of ongoing investigations of an internal data leak, some of your personal information has been compromised. It includes your ID number, contact details and account number. We have heightened precautionary measures to protect your financial interests, and you might receive a phone call from Absa to validate potentially suspicious transactions. Please note that we will never ask you to share your “keys to the safe” (online banking PIN or password, card CVV, PIN or OTP) with anybody. If you notice any suspicious activity on your account, contact our Fraud Hotline on 0860 557 557. Any unauthorised debit order activity on your account can be reversed via Online Banking or by calling 08600 08600. Auth FSP.
Ongoing investigation
Absa retail and business bank fraud strategy head Ulrich Janse van Rensburg told MyBroadband that they are notifying customers as their investigation uncovers more details.
Janse van Rensburg said that when they first discovered what a trusted staff member was doing with personal customer data, Absa applied for Anton Piller orders to identify and confiscate all the devices connected to the leak.
Anton Pillers are search orders granted under exceptional circumstances where the subject of the search is not given any warning.
These orders aim to prevent the accused from potentially destroying evidence.
As forensic investigators found more data on the seized devices, Janse van Rensburg said the bank cleaned it up and sent additional notifications to affected customers.
He explained that the delay between notifications is because of the complex nature of the investigation.
“We have to work through devices and identify what belongs to Absa,” said Janse van Rensburg.
“We are communicating with clients not because they are possible targets [of cyberattacks and fraud], but because of a decision we made in how we approach customer service,” he said.
Absa decided that if something happens or new information comes to light, they will let customers know as soon as reasonably possible.
Janse van Rensburg said they want to get important information to clients as quickly as possible.
“We could have completed the whole forensic investigation and then sent out notifications, but felt it would be irresponsible to do it that way.”
Jan Vermeulen24 February 2022
Absa data leak — more customers affected
Your email address
Subscribe
Absa has sent a notice to several new clients found to be affected by a November 2020 data leak, when a former employee gave people’s personal information to a platform that sold it to third parties.
The former Absa staff member behind the leak was a credit analyst who had access to risk modelling systems and sensitive client information.
It is not the first time Absa has identified that more customers were affected by this leak than initially known.
In April 2021, Absa sent an email to more impacted customers. In January 2022, it sent a similar email to another batch of affected clients.
Absa said that the former employee exposed the following personal information to unauthorised third parties:
Identity numbers
Contact details
Physical addresses
Account numbers
The bank sent its latest notification by SMS. It is reproduced in full below.
Absa: As part of ongoing investigations of an internal data leak, some of your personal information has been compromised. It includes your ID number, contact details and account number. We have heightened precautionary measures to protect your financial interests, and you might receive a phone call from Absa to validate potentially suspicious transactions. Please note that we will never ask you to share your “keys to the safe” (online banking PIN or password, card CVV, PIN or OTP) with anybody. If you notice any suspicious activity on your account, contact our Fraud Hotline on 0860 557 557. Any unauthorised debit order activity on your account can be reversed via Online Banking or by calling 08600 08600. Auth FSP.
Ongoing investigation
Absa retail and business bank fraud strategy head Ulrich Janse van Rensburg told MyBroadband that they are notifying customers as their investigation uncovers more details.
Janse van Rensburg said that when they first discovered what a trusted staff member was doing with personal customer data, Absa applied for Anton Piller orders to identify and confiscate all the devices connected to the leak.
Anton Pillers are search orders granted under exceptional circumstances where the subject of the search is not given any warning.
These orders aim to prevent the accused from potentially destroying evidence.
As forensic investigators found more data on the seized devices, Janse van Rensburg said the bank cleaned it up and sent additional notifications to affected customers.
He explained that the delay between notifications is because of the complex nature of the investigation.
“We have to work through devices and identify what belongs to Absa,” said Janse van Rensburg.
“We are communicating with clients not because they are possible targets [of cyberattacks and fraud], but because of a decision we made in how we approach customer service,” he said.
Absa decided that if something happens or new information comes to light, they will let customers know as soon as reasonably possible.
Janse van Rensburg said they want to get important information to clients as quickly as possible.
“We could have completed the whole forensic investigation and then sent out notifications, but felt it would be irresponsible to do it that way.”
