Standard Bank, Africa’s biggest bank by assets, has informed its business clients of a data breach that exposed their personal information.
“We are writing to inform you of a recent incident that involved unauthorised access to certain data within the Standard Bank of South Africa’s environment,” says the bank in an e-mail to clients.
“We believe in maintaining transparency with our clients, and as such, we are notifying you directly. Regrettably, your information was among the select data sets that may have been accessed.”
The announcement comes soon after Standard Bank subsidiary Liberty late last month also suffered a data breach which affected clients.
The big-four bank would not comment on ITWeb's query if the data breach is related to that of Liberty.
According to Standard Bank, its data breach exposed select client records, including “account numbers, limited account information, business names, and ID or registration numbers”.
This heightens the risk of identity theft, fraud, and phishing attempts.
“We identified unauthorised access to select data and immediately took steps to enhance our environment to mitigate the impact. Our transactional banking systems were not accessed, remain secure and operational, and available to all our clients. As a result, no clients’ funds are affected and accounts remain secure,” the big-four bank says.
“Our teams, supported by experts, have launched a full investigation into this incident, which is ongoing. We have also strengthened our monitoring mechanisms to detect and prevent any suspicious activity. The safety and protection of our clients’ information remain our top priority. We operate within a stringent regulatory framework and continue to comply fully with all legal and supervisory obligations.”
Standard Bank urges affected clients to remain vigilant and adhere to good security practices, noting that personal information exposed in the breach could be exploited by unauthorised third parties for identity theft, fraudulent transactions, and phishing or social engineering attacks.
The bank advises customers not to share sensitive details such as PINs, passwords, CVVs or one-time passwords (OTPs), to avoid clicking on sign-in links in e-mails or SMS messages, and to instead access digital banking through official channels.
It is also encouraging the reporting of suspicious emails to its dedicated phishing inbox (phishing@standardbank.co.za).
“Treat unsolicited calls with caution. If unsure, hang up and contact us using the official contact details on our website or through your relationship manager. Be alert to possible SIM-swap indicators, such as sudden loss of network signal or missing OTPs.”
The Standard Bank attack comes at a time South African organisations are increasingly getting targeted by cyber criminals.
Besides Liberty, last week, Stats SA confirmed that a group of hackers had accessed its information, but said will not give in to its ransom demands.
ITWEB SECURITY SUMMIT 2026:
To learn about defending organisations against today’s evolving cyber threats, register for ITWeb Security Summit Cape Town 2026 or ITWeb Security Summit 2026 in Johannesburg, where global and local experts will unpack the latest security trends and solutions.
This, after a hacker group called XP95 claimed on Telegram that it accessed private and personal information from Stats SA. It claims to have 154GB of information from the government organisation and is demanding $100 000 (R1.7 million) in ransom.
XP95 also claimed responsibility for accessing private and personal information from the Gauteng City Region Academy, alleging it had obtained 147GB of data. It is demanding a $100 000 (R1.7 million) ransom.
The Gauteng City Region Academy is a Gauteng provincial government entity focused on developing skills and expanding access to education and training opportunities for young people in the province.
It is best known for administering bursaries, internships and learnership programmes that support students from disadvantaged backgrounds to pursue higher education and vocational training.
ITWeb recently reported that, in an environment where hacks are surging even as response times improve, JSE-listed companies could lose as much as 30% of their share value following a crisis such as a cyber attack.
Threats per week are growing, with Check Point Research saying that in January, South African organisations faced an average of 2 145 cyber attacks per week, a 36% increase year-on-year. The global average was 2 090.
Share
