Absa discovers more customers affected by 2020 data leak

Jan

More Absa customers hit by data leak

Absa has continued to send notifications to more customers impacted by a data leak in October 2020.

Customers have told MyBroadband they received emails from the bank this past week informing them the leak also impacted them.
 
“The bank also offers a free digital fraud warranty for customers that use its mobile app.”

They must have had almost zero incidents since moving away from OTP/USSD to 2FA a couple of years ago :unsure:
 
I love how in the ABSA letter they write it up as if customers did something wrong to leak their own data on insecure devices. Amazing.

There is no direct confirmation that the leak is due to negligence on part of ABSA and they downplay the entire thing as ABSA helping victims who did something wrong.
 
They must have had almost zero incidents since moving away from OTP/USSD to 2FA a couple of years ago :unsure:
Yoh I wish they'd allow options on what sort of 2FA you want because sometimes you don't have access to your phone and want them to send an OTP to your email. Worse yet, I've had the mobile app just not working and I couldn't do the transaction using the website because they send the verification via the app.
 
It's time for the information regulator to make an example of these banks.

There should be automatic fines per record.

I only started getting spam SMS and Calls when I got a credit card, despite opting out of share my details with 3rd parties.
 
Yoh I wish they'd allow options on what sort of 2FA you want because sometimes you don't have access to your phone and want them to send an OTP to your email. Worse yet, I've had the mobile app just not working and I couldn't do the transaction using the website because they send the verification via the app.
As an extreme backup maybe, but email and SMS are insanely vulnerable.
Just need your email password or sim swop and it is over in terms of getting OTPs, adding beneficiaries, etc.

The 2FA method makes only one app install on only one secure device as the verification device at any given time.
Ensure that background app refresh with notifications is turned on, mobile data/wi-fi is reliable to get push notifications from the app.
 
“Unfortunately, this leak encompassed some of your personal information, including your identity, contact details and transactional account number,” the bank added.

Nonsense. Previous database leaks of Absa, as far back as 2010, had 9,000,000+ customer details leaked. Not only on one occasion, but more than once in different years as well. Nothing would make this leak any better. Most likely their whole customer database was leaked again.
 
I love how in the ABSA letter they write it up as if customers did something wrong to leak their own data on insecure devices. Amazing.

There is no direct confirmation that the leak is due to negligence on part of ABSA and they downplay the entire thing as ABSA helping victims who did something wrong.
I got the email yesterday, and felt the same...

It pisses me off that a bank of their size stuffs up on such a level, and their email informing me that my personal details were compromised has a slightly condescending tone to it... FFS.

Nothing in that email has assured me that the incident is isolated and that my details are safe. That email has made me consider changing banks, because ABSA clearly DGAF about the end user.

Fine and good to suggest that the Information Regulator imposes a penalty on ABSA, but what about my details - what if I'm suddenly married or some other fraud is committed... will ABSA fix that FUBAR on my behalf?
 
The bank also offers a free digital fraud warranty for customers that use its mobile app.
Are ABSA customers only covered (against fraud committed by ABSA employees) if the customers use ABSA's mobile app, and does it have to overlap the time when an ABSA employee decides to steal the customer's personal info?

(I don't see why ABSA's mobile app is in any way relevant in this context)
 
Who wants to bet one of those leaks was credentials admin admin for a forgotten server somewhere?
 
It's time for the information regulator to make an example of these banks.

There should be automatic fines per record.

I only started getting spam SMS and Calls when I got a credit card, despite opting out of share my details with 3rd parties.
For me it was literally a few days after signing my home loan...
 