A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.

Dark Reading Staff, Dark Reading

February 18, 2020

1 Min Read

Nedbank, one of South Africa's largest financial institutions, last week disclosed a security incident affecting the personal data of 1.7 million past and current customers.

The breach started with a "data security issue" at Computer Facilities, a third-party marketing contractor Nedbank was using to send SMS and email marketing information, the bank said in a statement. Nedbank identified the vulnerability as part of its routine monitoring procedures. Once it was discovered, officials alerted the service provider and launched an investigation.

"We have moved swiftly to proactively secure and destroy all Nedbank client information held by Computer Facilities (Pty) Ltd.," the bank reported, noting the contractor has removed its systems from the Internet as a precautionary measure. This incident affected data belonging to about 1.7 million total Nedbank clients, of which 1.1 million are active customers.

A subset of the compromised data includes personal information like names, ID numbers, telephone numbers, physical addresses, and/or email addresses of some Nedbank clients.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "8 Things Users Do That Make Security Pros Miserable.""

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights