• Home
  • /
  • Malware
  • /
  • SA banks scramble to quell Experian hack aftermath

SA banks scramble to quell Experian hack aftermath

Admire Moyo
By Admire Moyo, ITWeb's news editor.
Johannesburg, 20 Aug 2020

South African banks have activated their risk-mitigation measures following the hacking of credit bureau Experian, which left the personal details of millions of South Africans exposed.

Yesterday, Experian, a consumer, business and credit information services agency, confirmed it experienced a breach of data which exposed the personal information of as many as 24 million South Africans and 793 749 business entities to a suspected fraudster.

The South African Banking Risk Information Centre and Southern African Fraud Prevention Service have been working with banks and Experian to identify which of their customers may have been exposed to the breach and to protect their personal information, even as the investigation unfolds.

Responding to ITWeb via e-mail following the breach, Christine Wu, managing executive for customer value management at Absa Retail and Business Bank, says after notification by Experian of a data breach, the big four bank has proactively taken risk-mitigation steps to protect its customers.

“To this end, we have isolated, amongst others, impacted accounts to ensure the matter is dealt with promptly and comprehensively,” Wu says.

“We are in control of the situation and are contacting impacted customers directly. We urge our customers to heighten their vigilance against any possible fraud – never share your banking credentials with a third-party.”

Watch out for impersonation

First National Bank (FNB) issued a statement last night saying: “We are working with the South African Banking Risk Information Centre, the Banking Association of South Africa, law enforcement and regulatory authorities to mitigate any potential risks on our customers as a result of the incident.”

It says customers are advised to be extra vigilant and follow the bank’s recommended security precautions, which can be found in the security centre on the FNB app and online banking.

The bank is communicating directly to customers who may have been impacted from a banking perspective.

“The protection of our customers’ banking information is our utmost priority,” says FNB.

Likewise, African Bank last night sent out a statement saying the breach of data means certain customers’ personal information, including identity numbers, cell numbers, etc, had been compromised.

African Bank says the compromise of personal information can create opportunities for criminals to impersonate an individual but does not provide access to a customer’s banking account or details.

“This breach of personal information does impact our credit customers because we have to, by law, disclose all details of customers who have credit with us to three credit bureaus, one of which is the Experian credit bureau,” says Piet Swanepoel, chief risk officer of African Bank.

“Of importance is that our customers’ banking credentials have not been breached, so fraudsters will not be able to access any of our customers’ banking details. We have in any event enhanced our security measures to protect our customers,” he notes.

“Customers should, however, remain aware fraudsters can impersonate a bank and contact customers and pretend to be their bank since they may know their ID and cell numbers.”

Looming phishing attacks

Meanwhile, commenting on the hack, Heino Gevers, cyber security expert at Mimecast, says: “It’s encouraging to see how quickly Experian made the breach public and informed the necessary authorities.”

Gevers believes that judging by Experian’s statement, swift action was taken to impound the stolen data and delete it.

“Hopefully, their quick response means no copies were made, but irrespective, banking customers should be on high alert for targeted phishing and impersonation attacks via e-mail, SMS or phone call.

“Banks will be contacting their customers about the breach, but it’s important for individuals to verify the legitimacy of every piece of communication they receive. Do not click on links and do not hand over personal information over the phone or via electronic communication,” Gevers says.

“Rather go directly to the bank’s Web site. Mimecast’s State of E-mail Security 2020 report shows that 53% of South African organisations saw an increase in phishing attacks over the last year, while 46% witnessed an increase in impersonation fraud. These attacks are growing every year.”

Gevers adds that it’s easy for criminals to register lookalike domains and launch sophisticated attacks impersonating trusted brands that are nearly indistinguishable from the real thing.

“It has become common for malicious actors to use our favourite brands and services to trick people into handing over money or sensitive information. Our research shows that 84% of local organisations are concerned about a Web domain, brand exploitation, or site spoofing attack. Individuals should, therefore, remain cyber aware at all times, irrespective of whether the information of this particular breach remains in the wrong hands at this time.”

The Experian hack comes as several South African organisations have recently been hit by cyber attacks.

Following the recent hacks and data breaches at Garmin, Life Healthcare Group, and now the Experian hack, IT solutions and cyber security provider Trend Micro believes organisations are not focusing on the right things in their handling and safeguarding of data.

Trend Micro believes it is imperative to focus now more than ever on safeguarding their digital perimeters, as resilience is key to surviving the continued onslaught of threats during the COVID-19 pandemic.