2 min read

South Africa"s PostBank is Replacing 12 Million Bank Cards After Major Security Breach

Alina BÎZGĂ

June 15, 2020

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
South Africa"s PostBank is Replacing 12 Million Bank Cards After Major Security Breach

South Africa”s Postbank has suffered a major data breach, forcing the financial institution to replace 12 million bankcards after rogue employees stole its 36-digit master key.

Data breaches have become a day-to-day struggle for businesses and organizations across the world and, from time to time, the bad actors lurk within the organization itself. According to reports, in December 2018, the culprits covertly printed out the bank”s master key in plain text, stealing approximately $3.35 million from beneficiaries who receive social grants every month.

You can also check if your private data has been exposed online! Use Bitdefender”s Digital Identity Protection tool to see where you stand at the moment and what the internet knows about you.

The Sunday Times, which obtained a forensic report completed in July 2019, provided a detailed description of the events. It appears that the master key was exposed in July 2018 during a data center move. It was compromised “after being stored in clear text on one laptop (at a minimum) and remains compromised to the present day,” the report said.

The attackers could have also accessed the bank”s systems, editing account balances, and resetting or filling up Postbank cards. By December 2019, bank officials registered around 25,000 fraudulent transactions in their system. Between 8 million and 10 million cardholders were affected and, besides stealing funds from their accounts, the bad actors could have also exfiltrated the personal information of an additional 1 million customers.

The cost of replacing the affected cards is $58.7 million, and bank officials have yet to confirm if grant beneficiaries who were affected by the fraudulent acts will be reimbursed for their loses. “It appears that the significance of magnitude of this card breach may have been comprehended by Postbank operations and IT senior management,” former chief risk officer Benjamin April said in a January report. The Sassa master key compromise is a significant failure for the Postbank and also for the national payment system.”

In September 2019, South Africa”s Reserve Bank provided an 18-month deadline for Postbank to replace the 12 million compromised cards. The bank also prohibited contactless offline transactions for cardholders within the same timeframe.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Identity theft victims report long-lasting physical and emotional problems, ITRC says Identity theft victims report long-lasting physical and emotional problems, ITRC says
Alina BÎZGĂ

September 29, 2022

2 min read
What Happens to Your Data When a Company Gets Breached What Happens to Your Data When a Company Gets Breached
Filip TRUȚĂ

September 28, 2022

2 min read
Data Breach at Australia Telecom Giant Exposes PII of 10 Million Customers Data Breach at Australia Telecom Giant Exposes PII of 10 Million Customers
Alina BÎZGĂ

September 27, 2022

2 min read