Your personal information has been compromised by a security breach
As if 2020 has not thrown us enough curve-balls – the information and personal details of around 24 million South African consumers and nearly 800 000 business have been stolen by a suspected fraudster – from Experian, one of South Africa’s largest credit bureaus. This means that consumers now need to be more vigilant than ever when it comes to their accounts, pin numbers and personal information as criminals could use the details they obtained from the credit bureau to impersonate you, or use the existing personal data that they have from you – and trick you into giving them more information.
Banks have recommended that people change their online banking passwords and even your social media passwords. People are advised to rather be safe than sorry.
Credit bureaus collects credit information about consumers from banks, retailers, and other parties. Banks are by law required to share your data with all major credit bureaus in the country – so even if you have not personally had any details with Experian – you might be compromised.
According to the South African Banking Risk Centre (Sabric), the first thing you should do if you start noticing “funny things” on your accounts and suspect that your information has been compromised, is contact the Southern African Fraud Prevention Service (SAFPS).
When you do this, SAFPS members – which includes credit providers and banks are alerted. They will then take extra care in making sure they are dealing with you, and not a fraudster. You can contact SAFPS at email@example.com
Sadly, this breach means that unauthorized persons have access to names, identity numbers, telephone numbers and email addresses / physical addresses.
Various banks have issued statements about what you should do.
Although Nedbank says that your bank accounts are not at risk, criminals can still use this information to impersonate you, or scam you into giving them access to your accounts.
Nedbank urged its customers to take the following steps:
- Never share your passwords or PIN with anyone.
- Never disclose your personal information to anyone who calls you, emails you, or SMSs you.
- Remember Nedbank will never contact you asking for this information.
- Contact Nedbank immediately should you suspect unauthorised use of your personal information.
Standard bank has recommended that their clients do the following:
- Change banking passwords on our digital banking platforms and social media passwords.
- Register for DigiMe on the Standard Bank App Register for MyUpdates (free Standard bank SMS service) to be notified of all transactions over R100 on your accounts.
- Contact the bank or your relationship manager immediately if you suspect your bank accounts or cards have been compromised.
- Do not share your personal details, banking details or one-time pin with anyone.Register with SAFPS for protective registration – if anyone tries to apply for banking products with your ID, it will be declined or referred for further review.
Absa says is contacting affected customers.
The banks says to contact them immediately on their Fraud Hotline (0860 557 557) should you notice any suspicious behaviour or if in doubt.
Criminals are likely to approach you via email, phone, or text message and present themselves as members of a reputable organisation
“They will attempt to deceive unsuspecting consumers into disclosing their ‘keys to the safe’ (online PIN, online passwords, card PIN, card CVV number, OTP, and/or authentication messages – RVN/TVN/SureCheck).”
Capitec has commented that while the information cannot be used to access your banking profile, fraudsters may attempt to use it for phishing, where they contact you posing as your bank or other institution in an attempt to trick you into sharing further personal information.
“Your bank will never contact you to request information such as your banking pin or account number.”
First National Bank
FNB says it’s also reaching out to customers who may have been affected.
“We are working with The South African Banking Risk Information Centre (Sabric), The Banking Association of South Africa (BASA), law enforcement and regulatory authorities to mitigate any potential risks on our customers as a result of the incident.”
FNB advises their customers as follows:
- It is vitally important that you never give your Online Banking username and/or password to anyone.
- Never give your One Time PIN (OTP) to anyone.
- Never click on links in emails claiming to be from FNB.
- Also never save your passwords to your browsers.
People are already suffering financially. It would be a tragedy if they were also now victims of criminals.
Be vigilant and look out for strange transactions and notifications on your accounts. Rather safe than sorry!