South African retail bank African Bank has confirmed that one of its debt recovery partners, Debt-IN, was targeted by a ransomware attack in April 2021.
At that time, advice from security experts concluded that there was no evidence that the attack had resulted in a data breach, however now BusinessTech reports that Debt-IN has become aware that personal data of certain customers, including a number of African Bank Loan customers who had been under debt review at the time, has been compromised by the threat actors.
In response, African Bank says that it is confident that no data shared after the 1 April attack has been compromised.
“A robust mitigation plan has been implemented by Debt-IN to contain and reduce any further adverse impact,” the lender said.
“We have been collaborating with Debt-IN to address this breach. We have notified the relevant regulatory authorities and we are also in the process of alerting customers who have been affected, via email and SMS.”
African Bank’s fraud prevention team has since enhanced security measures to protect all the bank’s customers as a precaution.
“If you detect any suspicious activity, or feel that your information has been compromised, you can apply for a free Protective Registration listing with the Southern African Fraud Prevention Services (SAFPS),” African Bank said.
“This will alert banks and credit providers that an identity has been compromised. You can apply by emailing email@example.com.”
Ransomware Against SA’s Institutions
The Debt-IN attack is just one amongst other similar attacks that have led to data breaches and slowing of services in South Africa.
In July, the country’s logistics and port operator Transnet was the victim of an apparent ransomware attack, with its IT systems, websites, and Navis container terminal OS all going offline after the attack.
To discover how to successfully recover from a ransomware attack on your organisation, click here.