Nedbank client data hack - The security issues at Computer Facilities

Bradley Prior · Mar 8, 2020

Nedbank client data hack - The security issues at Computer Facilities

The third-party service provider where Nedbank recently detected a security breach appears to have had glaring holes in its defences, a security researcher told MyBroadband.

Nedbank recently disclosed to clients that it discovered a security breach at a third-party service provider called Computer Facilities.

r00igev@@r · Mar 8, 2020

Temujin · Mar 8, 2020

We deleted all the Nedbank data off their servers

Well thats that then, all fixed

My_King · Mar 8, 2020

They should have employed MyBB commenters. Not one vulnerability would have been created in the first place.

RonSwanson · Mar 8, 2020

Daruk said:
Vulnerability scanners should be a priority.

Scanning just puts it in a 6000 page report which no-one reads. For it to be useful, someone needs to read it, prioritise and act on it. Like patching, as well as upgrading ancient systems (Windows Server 2008?

). There's no excuse, if for some reason one can't patch or upgrade, then learn how to configure a WAF and IPS, and then remember to patch again when it is possible. 10 year old vulnerabilities (some with CVSS ratings greater than 9) are simply not acceptable on a financial institutions' Internet facing systems. Especially not when they have deep pockets (2 billion per year for upgrades).

hj007 · Mar 9, 2020

The difference in repercussions between SA data leaks and the US continues to astound me every time.

Join the MyBroadband community

Get started

Nedbank client data hack - The security issues at Computer Facilities

Bradley Prior

MyBroadband Journalist

r00igev@@r

Honorary Master

Temujin

Honorary Master

My_King

Honorary Master

RonSwanson

Honorary Master

hj007

Expert Member