South Africa"s PostBank is Replacing 12 Million Bank Cards After Major Security Breach
South Africa”s Postbank has suffered a major data breach, forcing the financial institution to replace 12 million bankcards after rogue employees stole its 36-digit master key.
Data breaches have become a day-to-day struggle for businesses and organizations across the world and, from time to time, the bad actors lurk within the organization itself. According to reports, in December 2018, the culprits covertly printed out the bank”s master key in plain text, stealing approximately $3.35 million from beneficiaries who receive social grants every month.
You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.
The Sunday Times, which obtained a forensic report completed in July 2019, provided a detailed description of the events. It appears that the master key was exposed in July 2018 during a data center move. It was compromised “after being stored in clear text on one laptop (at a minimum) and remains compromised to the present day,” the report said.
The attackers could have also accessed the bank”s systems, editing account balances, and resetting or filling up Postbank cards. By December 2019, bank officials registered around 25,000 fraudulent transactions in their system. Between 8 million and 10 million cardholders were affected and, besides stealing funds from their accounts, the bad actors could have also exfiltrated the personal information of an additional 1 million customers.
The cost of replacing the affected cards is $58.7 million, and bank officials have yet to confirm if grant beneficiaries who were affected by the fraudulent acts will be reimbursed for their loses. “It appears that the significance of magnitude of this card breach may have been comprehended by Postbank operations and IT senior management,” former chief risk officer Benjamin April said in a January report. The Sassa master key compromise is a significant failure for the Postbank and also for the national payment system.”
In September 2019, South Africa”s Reserve Bank provided an 18-month deadline for Postbank to replace the 12 million compromised cards. The bank also prohibited contactless offline transactions for cardholders within the same timeframe.
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022