Hackers steal R100 million from SA University, but lost most of it

Hanno Labuschagne

Journalist
Staff member
Joined
Sep 2, 2019
Messages
2,573
Hackers stole R100 million from SA University, but lost most of it

The University of Mpumalanga almost lost R100 million after a forged email convinced senior staff that its asset manager's banking details had changed from Standard Bank to FNB, City Press reported.

Citing sources within the university's management team, the paper reported that the social engineering attack was "strongly suspected" to be an inside job.

However, the university denied this, saying that an internal investigation uncovered no evidence of an inside job.
 

Sapphiron

Expert Member
Joined
Jan 29, 2004
Messages
2,774
Mmmm. I am about to transfer 100mil to an external bank account.

Oh, new bank account details received via email. I wonder if I should phone the sender to make sure the details are authentic. Nah, its almost lunch time and I want to knock off early, while my boss is out of the office.
 

Sensorei

Executive Member
Joined
Sep 15, 2008
Messages
5,982
Mmmm. I am about to transfer 100mil to an external bank account.

Oh, new bank account details received via email. I wonder if I should phone the sender to make sure the details are authentic. Nah, its almost lunch time and I want to knock off early, while my boss is out of the office.
Accountability and responsibility is always someone else's problem in SA.
 

markings

Expert Member
Joined
Jan 24, 2010
Messages
1,907
Mmmm. I am about to transfer 100mil to an external bank account.

Oh, new bank account details received via email. I wonder if I should phone the sender to make sure the details are authentic. Nah, its almost lunch time and I want to knock off early, while my boss is out of the office.
And changing bank details of an investment company's account can be made without a second or even third person's approval? Where are the control systems?
 

grok

Honorary Master
Joined
Dec 20, 2007
Messages
24,906
Haven't they even heard of the most basic of authorization principles like Maker-checker?

Oh wait, probably just one of those too Western Paragigmy things for South Africa..
 

G.A.S

Senior Member
Joined
Jul 12, 2007
Messages
584
So it took the university a month to discover that they paid into the wrong account... :rolleyes:
 

gregmcc

Honorary Master
Joined
Jun 29, 2006
Messages
23,582
Someone should seriously be fired for this. How can you still fall for this nowadays
 

Hellhound105

Executive Member
Joined
Jun 5, 2018
Messages
6,841
"University"

Must have been one of those new age "Engineers" working in accounts
 
Top