Nearly two million customers affected as Nedbank suffers data hack

A total of 1.7 million customers of one of South Africa's major banks, Nedbank, were affected after the bank disclosed a breach that affected the personal details of users.

According to Business Insider, the data breach occurred due to a vulnerability in the bank’s third-party marketing contractor Computer Facilities’ network.

Digital journal news revealed that Nedbank's structural weakness allowed an attacker to access its systems.

Computer Facilities is a direct marketing company that issues SMS and email marketing information on behalf of Nedbank and a number of other companies - Digital journal.

Commenting for Digital Journal, Anurag Kahol, CTO, Bitglass informed that "these types of third-party breaches, such as the incident involving Nedbank £can still harm end-customers, their trust, and their desire to purchase goods or services from a brand. In fact, according to PriceWaterhouseCoopers, 87 per cent of customers will take their business elsewhere if they feel like a company is failing to handle their data responsibly."

Kahol also expresses concern over the random way by which the data breach was detected, pointing out: "The network vulnerability of Nedbank’s contractor was only identified when the bank performed routine monitoring processes on its partner’s systems."

In terms of what preventative measures can be adopted by financial institutions, Kahol explains that to "protect consumer data and maintain trusting and secure business relationships, organizations should look for security platforms that enforce real-time access control, detect and remediate misconfigurations, encrypt sensitive data at rest, manage the sharing of data with external parties, and prevent data leakage."

Kahol concludes by empathizing: "It is only through the use of a comprehensive arsenal of advanced tools that visibility and control over data can be maintained.”

Digital Journal