Nedbank, one of South Africa's largest financial institutions, last week disclosed a security incident affecting the personal data of 1.7 million past and current customers.
The breach started with a "data security issue" at Computer Facilities, a third-party marketing contractor Nedbank was using to send SMS and email marketing information, the bank said in a statement. Nedbank identified the vulnerability as part of its routine monitoring procedures. Once it was discovered, officials alerted the service provider and launched an investigation.
"We have moved swiftly to proactively secure and destroy all Nedbank client information held by Computer Facilities (Pty) Ltd.," the bank reported, noting the contractor has removed its systems from the Internet as a precautionary measure. This incident affected data belonging to about 1.7 million total Nedbank clients, of which 1.1 million are active customers.
A subset of the compromised data includes personal information like names, ID numbers, telephone numbers, physical addresses, and/or email addresses of some Nedbank clients.
Read more details here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "8 Things Users Do That Make Security Pros Miserable.""