Za: PayGate confirms credit breach

Posted on by Dissent

Bianca Capazorio reports on a payment processor breach in South Africa that occurred back in August but is first being acknowledged this week by the firm, PayGate:

The Payments Association of SA (Pasa) said on Friday that “the card data emanating from these online transactions seems to have been stored in a manner which does not meet the stringent security standards expected by Pasa, the international card schemes and the banks”.

PayGate managing director Peter Harvey said yesterday that their systems were breached in August, exposing “some” credit card numbers to risk.

“We detected unauthorised activity on our server in August and immediately took action to secure our systems and protect our customers,” he said, adding that the company had worked closely with the card associations and international security experts to complete a “detailed forensic investigation”.

[…]

Category: Breach IncidentsFinancial SectorHackNon-U.S.

2 thoughts on “Za: PayGate confirms credit breach

    1. They haven’t said much, but in digging around, I found this statement in a Nov. 12 media report:

      Harvey was unable to give out more details for fear of it jeopardising the unit’s investigation, but categorically ruled out an internal breach.

      Harvey, told Moneyweb that PayGate’s IT team, which monitors its servers daily, found an unauthorised file hidden on the web server in August.

      “They alerted the management team and we immediately appointed a local specialist security firm, to do a complete scan of all our systems and they found evidence that a breach was likely.

Comments are closed.