A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.
Nedbank, one of South Africa's largest financial institutions, last week disclosed a security incident affecting the personal data of 1.7 million past and current customers.
The breach started with a "data security issue" at Computer Facilities, a third-party marketing contractor Nedbank was using to send SMS and email marketing information, the bank said in a statement. Nedbank identified the vulnerability as part of its routine monitoring procedures. Once it was discovered, officials alerted the service provider and launched an investigation.
"We have moved swiftly to proactively secure and destroy all Nedbank client information held by Computer Facilities (Pty) Ltd.," the bank reported, noting the contractor has removed its systems from the Internet as a precautionary measure. This incident affected data belonging to about 1.7 million total Nedbank clients, of which 1.1 million are active customers.
A subset of the compromised data includes personal information like names, ID numbers, telephone numbers, physical addresses, and/or email addresses of some Nedbank clients.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "8 Things Users Do That Make Security Pros Miserable.""
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024