Absa bank has confirmed a data breach which exposed the personal information of a number of clients. The FSP has also pinned the leak on one of its employees who “acted unlawfully”.
“Absa advises that an employee has unlawfully made selected customer data available to a small number of external parties,” says Absa to MyBroadband.
“The leaked data relates to a small portion of Absa South Africa’s customer base to date, although investigations continue.”
In an email to clients, the banks says “we regret to notify you that Absa has identified an isolated internal data leak whereby personal information of a limited number of Absa customers was shared with parties external to the bank”.
“Unfortunately, some of your personal information formed part of this data which included your identity number, contact details, address and account numbers.”
“Absa takes the protection of personal data extremely seriously and has taken proactive steps to address the potential risk to our customers.”
The leaked information is said to include:
- ID numbers
- Account Number
- Contacts details
- Physical address
The number of clients who have been implicated in the breach has yet to be confirmed. However, Absa says that clients “might receive a phone call from us to validate potentially suspicious transactions to ensure heightened protection of your interest”.
“Please note that we will never ask you to share your ‘keys to the safe’ (including your online banking PIN or password or your card CVV, PIN or one-time password) with us or to approve activities to prevent fraud.”