Staying safe online: Protecting your personal information from data breaches
We are reminded on an almost-daily basis to guard our personal data and information fiercely by taking steps such as creating more complicated passwords, regularly changing them and not clicking on suspicious links. But what about when there is no preventative action you can take as an individual and you are caught up in a larger security breach?
This is becoming more of a common occurrence as even major global companies fall victim to cybersecurity attacks. Take AP Moller-Maersk. It is one of the biggest and most successful container shipping conglomerates in the world and on 27 June 2017, the NotPetya virus breached the company’s systems.
The consequences were devastating: the cyberattack cost between $250 and 300 million in lost revenue and the firm had to re-install its entire IT infrastructure of 45 000 new computers and 2 500 apps. It took 10 days to rectify – a long time for a busy multinational, but much shorter than the six months it typically takes to recover from an attack like this. The episode served as an expensive wake-up call not just for AP Moller-Maersk, but for other companies of all sizes all over the world.
More recently – and closer to home – was the Facebook data breach, which saw 87 million users globally and over 96 000 in South Africa at risk of having their personal information shared. Just last week in South Africa, another breach happened and saw the sensitive personal information of nearly one million South Africans who pay traffic fines online leaked. These included identity numbers‚ e-mail addresses‚ full names and passwords.
What all of these episodes illustrate is cybersecurity as an issue that needs to be prioritised by businesses and individuals alike. As a bank that handles extremely sensitive personal and financial information, Absa regards the matter as our uppermost priority and would like to warn you, our valued customers, about what to look out for to avoid becoming the victim of a breach:
- Criminals may utilise the breached information to contact the customer directly via phone calls (vishing) or emails (phishing). They will impersonate the bank and use your personal data such as your identity number, full name or email address to win your trust.
- Once they have won your trust, they will then request sensitive information such as your card PIN, card CVV or online banking password.
- It is important to note that Absa will never contact customers and request sensitive information (card PIN, card CVV or online banking password).
- Absa will also never request customers to access their online banking profile via hyperlinks provided in an email.
- Absa customers should not respond to a suspicious looking email, but rather forward it to secmon@absa.co.za, and thereafter delete the email.
If you believe that you may have fallen victim to a phishing email or a vishing call, contact the Absa Fraud Hotline immediately on 0860 557 557 to alert us to the possibility that your information may have been compromised.
The convenience of living and banking in the digital age is a time-saving bonus for most of us – but it is vital that we remain vigilant to the dangers these platforms present. It is better to err on the side of caution and always trust your gut: if something feels wrong, it probably is, so contact your bank immediately to take steps to prevent further damage from being done.
By Ulrich Janse van Rensburg, head of Fraud Strategy, and Amanda Buitendag, Head: Security & Operations, Absa Digital Channels