Post Office on Postbank cybercrime attack

Media statement relating to Postbank cybercrime attack

Postbank confirms that it suffered a cybercrime attack incident resulting in a financial loss of approximately R90m, and the incident was detected and contained from causing any further financial loss. No customers have lost any money as a consequence of the cybercrime attack incident.

The cybercrime attack occurred in the last quarter of 2021. Security enhancing measures to prevent any future incidents were immediately put in place.

Postbank wishes to categorically dispute the false and incorrect information that is reported in the media that the incident was kept under wraps. There was never such attempt to hide the incident since Postbank reported the matter as required. Because an investigation was instituted once the incident was detected, Postbank acted cautiously on the span of the incident’s reporting so as to not compromise the integrity of the investigation.

The investigation is currently ongoing, as are further processes of implementing additional security enhancing measures to make our environment more robust. Cybercrime is amongst the highest ranked threats to the banking industry, and unfortunately our country is amongst the most targeted countries by cybercriminals.

The media reports that the cybercrime attack incident was accidentally detected are also absolutely incorrect. The cybercrime attack incident was detected through Postbank’s internal control mechanisms within the accounts management section as part of the daily operations procedures. In point of fact, should the accounts management controls missed picking up the incident for whatsoever other reason the incident would have been flagged through other control mechanisms in the security processes.

The cybercrime attack was complex and coordinated, typical of organized financial crime. While Postbank wishes not to provide too much information about the method used for this cybercrime incident, the incident involved an unauthorised attack on a database through the Post Office network that Postbank uses. Account balances on a number of individual accounts were inflated on the database and thereafter cash was withdrawn from ATM’s over a period of time.

Postbank wishes to apologise to all our customers and stakeholders for any inconvenience that incorrect reports of the incident could have caused.

Attribute all quotations extracted in this response to Mr Kevin Maartens, Postbank Acting CEO.

Source: Government of South Africa

Human Rights