Absa has been hit by a data leak, which the banking group said on Monday evening was limited in nature, but which involved the “unlawful” leaking of client information by an employee.

Absa said on Monday evening in an e-mailed statement to TechCentral that the employee had “unlawfully made customer data available to a small number of external parties”.

“Absa advises that an employee has unlawfully made selected customer data available to a small number of external parties. The leaked data relates to a small portion of Absa South Africa’s customer base, although investigations continue,” it said. The bank did not immediately say what type of information was handed over.

“Upon discovering the contravention, Absa secured high court orders that enabled search and seizure operations at various premises and secured all devices containing the data. The data on these devices was subsequently destroyed,” the bank added.

It did not say when the leak happened.

Enhanced monitoring

“Absa has enhanced the monitoring of customer accounts that have been affected to date and is contacting customers directly,” it said.

“Absa has brought criminal charges against the employee, and internally the requisite consequence management has been undertaken.

“Absa may take further action in relation to the recipients of the data once the full scope of the leak is identified and all investigations are completed.”  — (c) 2020 NewsCentral Media

  • This article was updated to make it clear that this was a data leak and not a data breach