SA insurer falls victim to cyberattack

Lombard Insurance Company suffered a data breach last month, according to several statements published on its website.

The company first disclosed on 16 July that it had been the victim of a hacking attack on its systems by “criminals targeting its data” but the news was only picked up by the media this week when IT-Online reported that customers had been warned that their personal details could have been compromised.

News of the attack comes at the same time that Experian South Africa, a credit bureau, is dealing with the impact of a suspected fraudster making off with the records of as many as 24 million South Africans. The Experian incident was not a cyberattack, however, but rather the result of the suspect pretending to be a legitimate client.

In its 16 July statement, Lombard Insurance said it immediately hired independent technology and forensic experts to analyse the breach and restore the integrity of its systems.

In a statement the next day, MD James Orford provided more information of the breach. He said the company alerted the relevant authorities.

Then, on 29 July, Orford said in a further statement that the its customers should “remain vigilant of any e-mails, telephone calls, WhatsApp messages or SMSes asking you for more information to help you deal with any data security incidents. Fraudsters often pose as officials from trusted authorities like the police or banks.”

‘Necessary steps’

He said Lombard Insurance “sincerely regrets … that this criminal act may have resulted in unauthorised access to data relating to you”.

“We take the safety and security of our clients’, brokers’ and staff’s data extremely seriously and continue to take the necessary steps to protect and secure it against any future attacks,” Orford said.  — © 2020 NewsCentral Media