Bad news for Standard Bank customers in South Africa
Standard Bank says it detected unauthorised access to its clients’ personal information, which included names and ID numbers.
On 23 March, Standard Bank alerted its customers about an incident where unauthorised access to some personal information was detected.
In a later update, the bank noted that its banking systems were not impacted and remain secure and operational. The bank worked with external experts to investigate the leak.
While the bank said that the specific information involved may differ from person to person, the affected information involved includes names, ID numbers and company registration numbers.
The bank, which is South Africa’s largest by assets under management, said it is strengthening controls and enhancing monitoring in line with industry best practice to safeguard information.
While the incident was reported to regulatory authorities, the bank provided a series of tips to help mitigate fraud risk.
It warned that the risk from the data leak is that someone may impersonate you or contact you fraudulently.
This could include emails, messages or calls that appear genuine, or attempt to use your details without permission.
With this in mind, the bank recommended updating banking passwords, enabling digital banking platforms, not sharing personal information when requested and using strong passwords.
It also recommended registering with the Southern African Fraud Prevention Service for protective registration, which is a free service that prevents anyone from trying to apply for banking services with your ID number.
Other tips include verifying any unexpected emails, SMS, or calls requesting sensitive information via trusted banking channels, and avoiding clicking on suspicious links or unfamiliar website URLs.
“We want to reassure you that protecting your privacy and personal information remains our highest priority,” said the Big Four bank.
“If we discover that any additional information was affected, we will provide further updates on our website or directly to you.”
Liberty also affected
Standard Bank subsidiary Liberty was also hit by a data breach in March, resulting from unauthorised third-party access to select data systems.
Yuresh Maharaj, CEO of Insurance and Asset Management at Standard Bank, said that Liberty’s services were unaffected, fully operational and available to all clients, advisers and employees following the breach.
“Liberty recently detected unauthorised access to your personal information. Your policies and investments remain secure, and our services are running normally,” it said in a note to clients.
Standard Bank took full control of Liberty four years ago. The bank previously held a 53.6% stake in the asset manager and insurer, but decided to acquire the remaining shares it did not already own.
Acquiring full control of Liberty was aimed at fully integrating the bank’s insurance and asset management divisions, which would create a more efficient group.
The recent technological issues for Standard Bank are not new, with the latest breach joining a growing list of technological problems that have hit the Big Four bank.
The bank experienced severe IT system outages across its operations for 2 months in 2022. This led to the resignation of its then chief engineering officer, Alpheus Mangale.
The bank’s IT struggles also occurred late last year, when an outage prevented customers from accessing the full functionality of its online and mobile banking channels.
The challenges were due to an issue reported by software provider Sage, which identified an issue with the feeds it received from Standard Bank.
Loading ...