Standard Bank is not commenting on a new report that police have found that a Standard Bank computer system was probably compromised during an international heist in which ¥1.8 billion (about US$17.6 million) was illegally withdrawn from ATMs across Japan.
A report from The Yomiuri Shimbun (The Japan News) and published by the Chicago Tribune this week said that investigators have discovered that there was “unauthorised access of a computer system of the Standard Bank in South Africa that caused a malfunction of the system shortly before the cash was withdrawn”.
The Japanese newspaper quoted unnamed sources close to the investigation as saying that police suspect that the unauthorised access was made by an overseas criminal group as it required “sophisticated knowledge of hacking”.
The police investigators reportedly believe that a criminal group conspired with a sophisticated criminal syndicate to “paralyse” the system before withdrawing the cash.
In May, Standard Bank revealed that it had been the victim of the fraud. It said at the time that it expected to lose R300 million from the incident.
“The target of the fraud has been Standard Bank and there has been no financial loss for customers,” Standard Bank spokesman Ross Linstrom told Moneyweb at the time.
Reports at the time suggested that information from 1 600 credit cards was used.
According to The Yomiuri Shimbun’s sources, the cash was withdrawn with forged cards made with data stolen from credit cards issued by Standard Bank.
The newspaper reported that its sources said “analysis of the computer system revealed that a programme in the system was operated with no authorisation early in the morning on 15 May, shortly before the simultaneous withdrawals were made”.
“Police believe the system was hacked by someone from outside the bank,” it said. No trace of information that should have been sent to Standard Bank could be found, prompting the police to suspect that the bank’s systems had been hacked, it added.
The newspaper’s sources said no trace of authorisation of the withdrawals were found for a period of two-and-a-half hours from just after 5am on May 15.
Hackers also likely broke into Standard Bank computers to obtain personal data that was then loaded onto empty cards, according to the sources.
Linstrom told TechCentral on Thursday that the bank can’t comment on whether its systems were compromised by hackers as the investigation [is still ongoing]. He said the probe is at “an advanced and sensitive stage”.
“Immediate action taken by Standard Bank contained any further losses and, as communicated in May, the gross loss to Standard Bank is still estimated at R300 million. There has been no customer loss or impact,” Linstrom said.
“Standard Bank is cooperating and assisting authorities both locally and abroad. Due to the sensitivity of the investigation and the multi-jurisdictional nature of the enquiry, it would be inappropriate for Standard Bank to comment on speculation regarding this matter,” he said.
This article was first published on TechCentral. To access it, please click here.