cyber Breach

Postbank

May 11, 2023 1 min read
Postbank

The Postbank had to replace about 12 million bank cards at a cost of R1 billion after a major security breach.

The breach exposed the personal data of millions of social grant beneficiaries and other account holders.

The breach resulted from the printing of the bank's encrypted master key in plain, unencrypted digital language at Postbank's old data center in the Pretoria city center.

The master key was then stolen by employees.

Source: https://www.itweb.co.za/content/nWJadvbekrmqbjO1

TPRM report: https://scoringcyber.rankiteo.com/company/postbank

"id": "pos21502123",
"linkid": "postbank",
"type": "Breach",
"date": "06/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 'Millions of social grant '
                                              'beneficiaries and other account '
                                              'holders',
                        'industry': 'Banking',
                        'location': 'Pretoria, South Africa',
                        'name': 'Postbank',
                        'type': 'Financial Institution'}],
 'attack_vector': 'Internal Theft',
 'data_breach': {'data_encryption': 'No',
                 'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 'Millions',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Personal data'},
 'description': 'The Postbank had to replace about 12 million bank cards at a '
                'cost of R1 billion after a major security breach. The breach '
                'exposed the personal data of millions of social grant '
                'beneficiaries and other account holders. The breach resulted '
                "from the printing of the bank's encrypted master key in "
                "plain, unencrypted digital language at Postbank's old data "
                'center in the Pretoria city center. The master key was then '
                'stolen by employees.',
 'impact': {'data_compromised': 'Personal data of millions of social grant '
                                'beneficiaries and other account holders',
            'financial_loss': 'R1 billion'},
 'motivation': 'Theft of sensitive information',
 'post_incident_analysis': {'root_causes': 'Encrypted master key printed in '
                                           'plain, unencrypted digital '
                                           'language'},
 'response': {'recovery_measures': ['Replacement of 12 million bank cards']},
 'threat_actor': 'Employees',
 'title': 'Postbank Security Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Encrypted master key printed in plain, '
                            'unencrypted digital language'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.