Nedbank has alerted its clients of a breach at Computer Services Ltd, a third-party service provider which issues SMS and email marketing on behalf of the bank.
The breach was discovered during a routine monitoring procedure and was immediately escalated into an investigation.
“A subset of the potentially compromised data at Computer Facilities included personal information (names, ID numbers, telephone numbers, physical and/or email addresses) of some Nedbank clients,” the bank said.
1.1 million of the 1.7 million affected are active clients.
“We have moved swiftly to proactively secure and destroy all Nedbank client information held by Computer Facilities (Pty) Ltd. Information from Nedbank Retail,” said Nedbank.
“We regret the incident that occurred at the third-party service provider, namely Computer Facilities (Pty) Ltd and the matter is receiving our urgent attention. The safety and security of our clients’ information is a top priority,” said Nedbank chief executive Mike Brown.
They assured clients that while the data leak is regrettable, it is not linked to Nedbank’s systems and therefore there is no risk beyond the isolated incident.
“Clients’ bank accounts are not at risk and they do not need to take any further action other than continuing to be vigilant against attempts at fraud,” they said.