Registered users can save articles to their personal articles list. Login here or sign up here
In this story
 
  6 COMMENTS

  Move back to IBM mainframes from a Microsoft IT solutiom?...  

 Registered users can save articles to their personal articles list. Login here or sign up here

Was Standard Bank hacked in R300m heist?

New report suggests bank’s computer system may have been compromised before heist.

Standard Bank is not commenting on a new report that police have found that a Standard Bank computer system was probably compromised during an international heist in which ¥1.8 billion (about US$17.6 million) was illegally withdrawn from ATMs across Japan.

A report from The Yomiuri Shimbun (The Japan News) and published by the Chicago Tribune this week said that investigators have discovered that there was “unauthorised access of a computer system of the Standard Bank in South Africa that caused a malfunction of the system shortly before the cash was withdrawn”.

The Japanese newspaper quoted unnamed sources close to the investigation as saying that police suspect that the unauthorised access was made by an overseas criminal group as it required “sophisticated knowledge of hacking”.

The police investigators reportedly believe that a criminal group conspired with a sophisticated criminal syndicate to “paralyse” the system before withdrawing the cash.

In May, Standard Bank revealed that it had been the victim of the fraud. It said at the time that it expected to lose R300 million from the incident.

“The target of the fraud has been Standard Bank and there has been no financial loss for customers,” Standard Bank spokesman Ross Linstrom told Moneyweb at the time.

Reports at the time suggested that information from 1 600 credit cards was used.

According to The Yomiuri Shimbun’s sources, the cash was withdrawn with forged cards made with data stolen from credit cards issued by Standard Bank.

The newspaper reported that its sources said “analysis of the computer system revealed that a programme in the system was operated with no authorisation early in the morning on 15 May, shortly before the simultaneous withdrawals were made”.

“Police believe the system was hacked by someone from outside the bank,” it said. No trace of information that should have been sent to Standard Bank could be found, prompting the police to suspect that the bank’s systems had been hacked, it added.

The newspaper’s sources said no trace of authorisation of the withdrawals were found for a period of two-and-a-half hours from just after 5am on May 15.

Hackers also likely broke into Standard Bank computers to obtain personal data that was then loaded onto empty cards, according to the sources.

Linstrom told TechCentral on Thursday that the bank can’t comment on whether its systems were compromised by hackers as the investigation [is still ongoing]. He said the probe is at “an advanced and sensitive stage”.

“Immediate action taken by Standard Bank contained any further losses and, as communicated in May, the gross loss to Standard Bank is still estimated at R300 million. There has been no customer loss or impact,” Linstrom said.

“Standard Bank is cooperating and assisting authorities both locally and abroad. Due to the sensitivity of the investigation and the multi-jurisdictional nature of the enquiry, it would be inappropriate for Standard Bank to comment on speculation regarding this matter,” he said.

This article was first published on TechCentral. To access it, please click here.

   6 comments

To comment, you must be registered and logged in.

LOGIN HERE

Don't have an account?
Sign up here

Standard Bank had about 11 million customers in 2014/15. Add a little over R2.00 to the monthly service fees (however cleverly it’s concealed) and lo and behold R300 million recouped. Of course it has an impact on customers.

… I should have said “recouped in one year”.

Make that R3.00 just to cover for the third that may notice the charge and query it. I have has this with FNB, of course it was the computer, not a human hand involved.

To see this loss of R300 mil by Standard Bank in context – It is similar to myself losing a R1 coin through a hole in my pocket. The problem is – I know how to fix my problem, but do they have any idea how to fix theirs?

There has been no customer loss or impact, but what about the shareholders?

Move back to IBM mainframes from a Microsoft IT solutiom?

Latest Currencies

ZAR / USD
ZAR / GBP
ZAR / Euro

SEARCH CLICK A COMPANY
Enter company name or share code:

MONEYWEB NEWSLETTERS

Subscribe to our mailing list

* indicates required
Moneyweb newsletters

Podcasts

Moneyweb Investor Issue 23

South Africa is facing significant challenges and not all are of our own making. This month’s issue of The Moneyweb Investor takes a closer look at Donald Trump's economic policies and considers their implications for South Africa.
server: 172.16.0.12