Old Mutual targeted in data breach

Financial services company Old Mutual has notified its customers of a data breach, after it detected unauthorised entry to one of its systems which led to some personal customer information being accessed.

The company said that personal information of a relatively small group of customers in South Africa was  accessed including ‘customers’ name, telephone number and some investment values’.

The finance group stressed that no transactional details, credit card information, banking details, medical information or passwords were accessed.

“We can confirm that customers’ portfolios remain intact and no financial losses were incurred,” Old Mutual said.

“Old Mutual detected a case of unauthorised entry into one of our systems. Some personal information of a relatively small group of our customers in South Africa was unfortunately accessed.

“We moved swiftly to close access to the targeted system. Our control processes kicked in to safeguard customer portfolios and we can confirm that no customers incurred any financial loss,” it said in a precautionary notice to all customers.

“Immediate steps were taken to further tighten our security, and our systems and surveillance remain on high alert.”

According to Old Mutual, upon detection, it immediately shut down the unauthorised access point, and it also took immediate steps to further tighten security controls and protect against any such incident happening in future.

“We have notified the regulators. We are co-operating closely with the SAPS and the investigation is ongoing. Following the completion of an intensive internal investigation to fully understand the cause, Old Mutual will take the necessary management actions.
Our surveillance and systems are on high alert,” it said.

The group said that it ring-fenced the affected accounts, and contacted clients directly. It also warned customers to be on the look out for any fraudulent contact they might received.

“We would like to sincerely apologise for any concern this may raise with our customers. We view this case in a very serious light – one customer is one too many. We assure you we are conducting stringent reviews to ensure that no incident of this nature is repeated,” Old Mutual said.

It is unclear when the breach occurred, however, Old Mutual informed customers that those affected would be contacted by Friday, 26 May 2017.

BusinessTech was unable to obtain any additional comment from Old Mutual by the time of publication.

Read: Big jump in reported digital banking fraud in SA