A vulnerability in the network of marketing contractor Computer Facilities led to a breach at the South African bank.
Nedbank, one of South Africa's largest financial institutions, last week disclosed a security incident affecting the personal data of 1.7 million past and current customers.
The breach started with a "data security issue" at Computer Facilities, a third-party marketing contractor Nedbank was using to send SMS and email marketing information, the bank said in a statement. Nedbank identified the vulnerability as part of its routine monitoring procedures. Once it was discovered, officials alerted the service provider and launched an investigation.
"We have moved swiftly to proactively secure and destroy all Nedbank client information held by Computer Facilities (Pty) Ltd.," the bank reported, noting the contractor has removed its systems from the Internet as a precautionary measure. This incident affected data belonging to about 1.7 million total Nedbank clients, of which 1.1 million are active customers.
A subset of the compromised data includes personal information like names, ID numbers, telephone numbers, physical addresses, and/or email addresses of some Nedbank clients.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "8 Things Users Do That Make Security Pros Miserable.""
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024