Absa has informed affected customers of a data breach which exposed the personal information of a small portion of its client base to external parties.
The bank sent an email to affected clients on Monday 30 November, warning them that their personal information had been shared with third parties.
Absa confirmed that identity numbers, contact details, physical addresses, and account numbers were exposed to external parties.
The precise number of affected customers remains unconfirmed, but Absa has referred to it as a “small portion” of its client base.
Absa said customer data was exposed due to the actions of an employee who acted unlawfully.
It added that upon discovering the contravention, it secured High Court orders that enabled search and seizure operations at various premises and secured all devices containing the data.
Following this incident, the South African Fraud Prevention Service (SAFPS) has advised South Africans to register for protection against identity theft and fraud.
The SAFPS pointed out that this most recent data leak follows after the major Experian breach earlier this year, which exposed the private of customers across major banks in South Africa.
“Both the Experian and Absa data leaks highlight the need for the public to not only be aware of their digital footprint, but to take active steps to prevent themselves from becoming victims of fraud,” said SAFPS CEO Manie van Schalkwyk.
“It is vital that every South African knows that they can turn to the SAFPS for free protection against fraud. The SAFPS offer several services that can serve as a vital shield for consumers.”
This includes a free Protective Registration service, which allows South Africans to register on the SAFPS system for better protection against potential fraud.
Protective Registration provides an added layer of protection and peace of mind regardless of whether the identity of the applicant has been compromised, the SAFPS said.
South Africans who fall victim to identity theft can also contact the SAFPS for assistance if they run into problems resolving the issue with the credit provider involved.
Beware unauthorised debit orders
Following the exposure of client data to external parties, Absa said that it has improved its security measures around debit orders.
“Be assured that we will contact you if we detect unauthorised debit orders on your account,” Absa said.
The bank said it has put measures in place to prevent and detect unauthorised debit orders on the accounts of affected clients.
“Kindly note that we will never ask you to approve the reversal of unauthorised debit orders,” it said.
Affected customers should also be wary of phishing emails or calls which attempt to gain sensitive information such as their online banking credentials, PIN, or CVV number.