Information bureau TransUnion South Africa has confirmed that N4aughtysecTU, a hacking group, obtained data belonging to the bureau through the misuse of an authorised client’s credentials. The personal information obtained could include names and ID numbers.
The chief executive of the South African Banking Risk Information Centre (SABRIC), Nischal Mewalall says: “SABRIC has already engaged TransUnion South Africa with the aim to coordinate the banking industry’s efforts to secure bank customers’ profiles against abuse.”
South African banks take the security of their customer data very seriously and have put in place robust risk mitigation strategies to detect potential fraud on accounts and protect customer personal information, as the investigation unfolds.
Mewalall further added that the compromise of personal information does not guarantee access to a customer’s banking profile or account, but that criminals can use this information to impersonate people or trick them into disclosing their confidential banking details.
SABRIC urges bank customers and other consumers to follow sound identity management practices to mitigate the risk of identity theft and fraudulent applications, and recommends that bank customers follow these precautionary measures:
• Do not disclose personal information such as passwords and PINs when asked to do so by anyone via telephone, fax or even email.
• Change your password regularly and never share them with anyone else.
• Verify all requests for personal information and only provide it when there is a legitimate reason to do so.
• Do not use the information that may have been compromised. Rather use other personal information that you have not used previously to confirm your identity in future.
For further advice, please go to www.sabric.co.za