The person behind the recent Absa data breach was a credit analyst at the bank who had access to risk modelling systems and sensitive client information.
The employee, whom Absa said it trusted, leaked the client data to an external platform and then sold it to third parties.
This is according to Absa chief security officer Sandro Bucchianeri, who spoke to ENCA about the data breach.
Bucchianeri first learned about the data breach on 27 October, after which they informed the Information Regulator about it.
Around a month after first being alerted to the data breach, Absa sent an email to affected clients warning them that their personal information had been shared with third parties.
Bucchianeri said the communication with customers was delayed to ensure they did not compromise the investigation, which was going through a court process at the time.
To date, Absa has not provided much detail about the number of clients affected and the person behind the leak, but Bucchianeri has now shed more light on the issue.
He said the Absa credit analyst sold private information about their retail banking clients to third parties.
While Bucchianeri could not divulge who these third parties were, he said they were from a “marketing type perspective who were looking for that type of information”.
“They may use the information to sell services or try to commit fraud on these accounts,” he said.
This employee has subsequently been suspended pending further information. Absa has also brought criminal charges against the employee, and these are playing out in the courts now.
Bucchianeri said the information which was leaked included bank account numbers, names and surnames, ID numbers, and contact details.
He added that the details of around 200,000 of their retail banking customers have been compromised.
Absa has now destroyed the leaked data and the external party devices have gone through an independent forensic review.
“We are in the process now to obtain the files for our own investigation,” said Bucchianeri.
He said Absa may also bring charges against the third parties who had access to the leaked data.
Following the data breach, Absa has implemented heightened monitoring on the accounts of all clients whose information was leaked.
Absa email to affected clients
We regret to notify you that Absa has identified an isolated internal data leak whereby personal information of a limited number of Absa customers was shared with parties external to the Bank. We are contacting all affected customers directly.
Unfortunately, some of your personal information formed part of this data which included your identity number, contact details, address and account numbers. Absa takes the protection of personal data extremely seriously and has taken proactive steps to address the potential risk to our customers.
We’re reaching out to you, our valued customer, to assure you that we have taken precautionary measures to protect you and your financial interests. As part of these monitoring measures, you might receive a phone call from us to validate potentially suspicious transactions to ensure heightened protection of your interest. Please note that we will never ask you to share your “keys to the safe” (including your online banking PIN or password or your card CVV, PIN or one-time password) with us or to approve activities to prevent fraud.
Never disclose your “keys to the safe” to anybody even if someone presents themselves as a representative of the bank. If unsure, we advise you to terminate the call and call our Fraud Hotline on 0860 557 557.
Also do not approve a Mobile Banking application request or any other transaction request if you’re not transacting.
We have also put the necessary precautionary measures in place to prevent and detect potential unauthorised debit orders. Be assured that we will contact you if we detect unauthorised debit orders on your account. Kindly note that we will never ask you to approve the reversal of unauthorised debit orders.
We maintain a comprehensive set of controls and processes to protect your data, and constantly improve them to ensure we adapt to the evolving techniques, used by criminals, to bypass them. We have already refined our controls and processes, in light of this compromise, to further strengthen our defenses and reduce the risk of an incident like this from re-occurring.
In addition to Absa’s precautionary measures, and as added protection against digital fraud, Absa also offers a free digital fraud warranty for customers making use of our mobile app.
Kindly contact your banker if you would like further clarity. Please contact our Fraud Hotline on 0860 557 557 if you notice any suspicious activities. If you wish to dispute unauthorised debit orders, please call Private Assist on 0860 553 553 if you have a query regarding activity on your account.
The Absa Team