Admire Moyo reports that Absa, one of the country’s largest banks, has disclosed a data breach that resulted in customer data being shared with external parties>
In a statement to ITWeb, the bank says: “Absa advises that an employee has unlawfully made selected customer data available to a small number of external parties. The leaked data relates to a small portion of Absa South Africa’s customer base, although investigations continue.”
It notes that upon discovering the contravention, Absa secured High Court orders that enabled search and seizure operations at various premises and secured all devices containing the data.
Read more on ITWeb. In related coverage, Jamie McKane reports on MyBroadband that Absa notified customers, although the notification does not seem to reveal this was an insider breach:
The bank sent an email to affected clients on Monday 30 November, warning them that their personal information had been shared with third parties.
“We regret to notify you that Absa has identified an isolated internal data leak whereby personal information of a limited number of Absa customers was shared with parties external to the bank,” Absa told clients.
“Unfortunately, some of your personal information formed part of this data which included your identity number, contact details, address and account numbers.”
h/t, @Chum1ng0