{"id":473611,"date":"2022-12-11T14:59:31","date_gmt":"2022-12-11T12:59:31","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=473611"},"modified":"2022-12-11T15:00:44","modified_gmt":"2022-12-11T13:00:44","slug":"postbank-security-crisis-over-r150-million-stolen","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/technology\/473611-postbank-security-crisis-over-r150-million-stolen.html","title":{"rendered":"Postbank security crisis \u2014 over R150 million stolen"},"content":{"rendered":"<p>Postbank insiders have helped criminal syndicates steal over R150 million that should have gone towards helping South Africa\u2019s poorest families, Sunday Times <strong><a href=\"https:\/\/www.timeslive.co.za\/sunday-times\/news\/2022-12-11-postbanks-fraud-crisis-deepens-with-r150m-already-lost-to-theft\/\" target=\"_blank\" rel=\"noopener\">reports<\/a><\/strong>.<\/p>\n<p>The report comes after the poorly-secured state-owned financial institution blocked grant recipients from making ATM withdrawals using their South African Social Security Agency (Sassa) cards.<\/p>\n<p>It halted withdrawals after <strong><a href=\"https:\/\/mybroadband.co.za\/news\/security\/472485-postbank-lost-over-r18-million-in-three-months-from-cyber-fraud.html\">R18 million was stolen<\/a><\/strong> from the Postbank.<\/p>\n<p>The report revealed that several severe operational security flaws at the Postbank are allowing fraudsters to rob it blind.<\/p>\n<p>Highly sensitive systems, including Postbank\u2019s integrated grant payment system, are being accessed using a single set of credentials.<\/p>\n<p>Up to 40 employees, ranging from junior to senior staff, have this key.<\/p>\n<p>Even when fraud is discovered, it is difficult to trace the transactions to a particular staff member.<\/p>\n<p>Those with the credential can also delete transaction logs, making it difficult to detect fraud in the first place.<\/p>\n<p>Citing insider accounts, the Sunday Times also reported 
that the Postbank has been operating the grant payment system without activating a feature designed to detect anomalies and alert the institution to possible fraud.<\/p>\n<p>Postbank interim CEO Lucas Ndala told the newspaper all indications point to an inside job.<\/p>\n<p>He said they\u2019ve seen disturbances like this every month since taking over Sassa grant payments from the Post Office.<\/p>\n<p>\u201cIt points to a concerted effort of sabotage against the bank,\u201d stated Ndala.<\/p>\n<p>Ndala confirmed that several people were placed on suspension as a precaution.<\/p>\n<div id=\"attachment_473613\" style=\"width: 1210px\" class=\"wp-caption aligncenter\"><a  data-lightbox=\"post-image\" href=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed.jpg\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-473613\" class=\"size-full wp-image-473613\" src=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed.jpg\" alt=\"\" width=\"1200\" height=\"800\" srcset=\"https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed.jpg 1200w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed-600x400.jpg 600w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed-800x533.jpg 800w, https:\/\/mybroadband.co.za\/news\/wp-content\/uploads\/2022\/12\/Lucas-Ndala-arms-crossed-768x512.jpg 768w\" sizes=\"(max-width: 1200px) 100vw, 1200px\" \/><\/a><p id=\"caption-attachment-473613\" class=\"wp-caption-text\">Lucas Ndala, Postbank interim CEO<\/p><\/div>\n<p>This is not the first time the Sunday Times exposed extremely poor operational security at the bank.<\/p>\n<p>In 2020, it reported that Postbank\u2019s \u201cmaster key\u201d was <a href=\"https:\/\/mybroadband.co.za\/news\/security\/356209-master-key-stolen-in-postbank-security-breach-report.html\"><strong>stored in 
plaintext<\/strong><\/a> during a data centre migration in July 2018.<\/p>\n<p>Two staff members stored the key in plaintext on USB flash drives, and one of the drives couldn\u2019t be located.<\/p>\n<p>The 36-digit master key reportedly lets anyone read and write account balances, and read and alter information on any of the cards the bank has issued.<\/p>\n<p>Following the potential master key exposure, criminals siphoned around R56 million in 25,000 fraudulent transactions from Postbank accounts between March 2018 and December 2019.<\/p>\n<p>The Post Office initially denied that its master key for Postbank\u2019s cards was compromised, saying that the \u201cstories\u201d were unfounded and only sought to create panic among Postbank\u2019s clients.<\/p>\n<p>However, in January 2021, social development minister Lindiwe Zulu <strong><a href=\"https:\/\/businesstech.co.za\/news\/banking\/458834\/government-to-replace-sassa-grant-cards-after-security-breach\/\" target=\"_blank\" rel=\"noopener\">told Parliament<\/a><\/strong> that government was in talks to replace all Sassa cards following the security breach.<\/p>\n<p>Reports of all Sassa cards being replaced have led to widespread misinformation claiming the cards have expired.<\/p>\n<p>The Postbank has once again emphasised that its Sassa gold cards remain valid.<\/p>\n<h2 class=\"my-4\">Postbank\u2019s stolen millions \u2014 at least R175 million stolen since 2012<\/h2>\n<p>In March, the amaBhungane Centre for Investigative Journalism reported that between 16 and 28 October 2021, criminals helped themselves to <a href=\"https:\/\/mybroadband.co.za\/news\/security\/439414-post-office-hack-kept-secret-r89-million-stolen.html\"><strong>at least R89,459,330 in cash<\/strong><\/a> stolen from the Postbank.<\/p>\n<p>The perpetrators fraudulently transferred the money to 279 Sassa accounts, which they withdrew at ATMs using cloned cards.<\/p>\n<p>In 2020, Zulu revealed that <a 
href=\"https:\/\/mybroadband.co.za\/news\/government\/400391-post-office-workers-stole-millions-in-2020.html\"><strong>over 1,700 Post Office workers<\/strong><\/a> received social grants for which they did not qualify.<\/p>\n<p>That resulted in Sassa bleeding around R1.5 million a month.<\/p>\n<p>The Post Office had also been targeted in several robberies, which saw Sassa cards and computers stolen.<\/p>\n<p>In 2012, a syndicate <a href=\"https:\/\/mybroadband.co.za\/news\/business\/41643-how-r42m-was-stolen-from-postbank.html\"><strong>stole R42 million from Postbank<\/strong><\/a> in a heist between 1 and 3 January.<\/p>\n<p>The criminals had opened several Postbank accounts towards the end of 2011, and, over New Year\u2019s, they gained access to a Rustenburg Post Office employee\u2019s computer.<\/p>\n<p>From there, the syndicate made deposits from other accounts into its own.<\/p>\n<p>Over the next three days, they used ATMs in Gauteng, Free State and KwaZulu-Natal to withdraw cash from the accounts.<\/p>\n<p>Sunday Times reported that this type of attack had reared its ugly head again.<\/p>\n<p>In one incident, criminals deposited R13.3 million into a Postbank account in 13 transactions and withdrew R9 million between 29 and 31 October 2022.<\/p>\n<p>Another case saw R21 million of Sassa funds deposited into a fraudulently created account, of which R16 million was withdrawn.<\/p>\n<p>This recent fraud was reportedly perpetrated after hours, on Saturdays, when the branches are closed.<\/p>\n<p>Criminals apparently got into the Postbank\u2019s system and client database remotely, using credentials belonging to bank tellers.<\/p>\n<p>As a result, Postbank is considering halting all weekend and after-hours transactions for the time being.<\/p>\n
","protected":false},"excerpt":{"rendered":"<p>Insiders have aided syndicates in stealing millions from South Africa\u2019s poorest.<\/p>\n","protected":false},"author":15,"featured_media":413640,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[35,3888,70103],"class_list":["post-473611","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-headline","tag-postbank","tag-south-african-social-security-agency-sassa"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/473611"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=473611"}],"version-history":[{"count":0,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/473611\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/413640"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=473611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=473611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=473611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}