Guiding consumers since 2009

Millions lost in card data breach

By Staff Writer

By Angelique Ruzicka, editor, Justmoney.co.za


Tens of millions of rands have been lost by South African banks after criminal syndicates obtained customer card data by infecting electric point-of-sale (POS) terminals with custom-written software called Dexter.


“It is tens of millions of rands that have been lost but not hundreds of millions. However, it is the biggest single loss event we’ve had in South Africa so far,” said Walter Volker, CEO of PASA.


Today, the Payments Association of South Africa (PASA), international card schemes (Visa and MasterCard) and South Africa’s major banks confirmed they are aware of a data compromise at a number of South Africa’s restaurant chains/franchises. 


The news comes as South African Banking Risk Information Centre (SABRIC) issued a warning to consumers to be vigilant after a 54 year old woman was shot and killed for the money she was about to deposit at an Absa branch.


According to a TechCentral source, KFC is one of the fast food chains that has been hit the hardest by the syndicate. “I am not at liberty to say which chains have been compromised but it’s certainly wider [than KFC] and includes restaurant chains. The problem was dealt with before it was broken to the media,” added Volker.


Addressing the breach
PASA said that immediate and proactive steps have already been taken to secure the relevant systems and to prevent further leakage of card details as well as identify the extent of the potential exposure. This includes cleaning-up confirmed sites, with effective custom anti-malware software, and carefully monitoring transactions on the cards involved - to detect possible unusual activity.


“PASA is working with the banks and the card schemes to implement immediate measures to block the potential exposure of personal card data and bring the merchants to a state of full compliance in relation to the Payment Card Industry Data Security Standards (PCI DSS),” said Volker.


“There is no need for concern by cardholders. Rather, it is important to be aware of the fact that the issuing and acquiring banks in the South African payments environment all have very well developed and sophisticated fraud and risk management systems in place. Additionally, the monitoring of any heightened levels of potential fraud, which might result from this card data exposure, would not require additional systems,” added Volker.


PASA and the South African banks have been working actively with the merchant industry to ensure that all companies that process card transactions implement and comply with the PCI Data Security Standards.


“However, it is the responsibility of the cardholders’ banks to decide whether they will be contacting their customers with a view to replacing any cards that might have been exposed, or placing these cards on a heightened level of monitoring before any action is taken,” said Volker. “There was no need for undue concern by cardholders however; we urge card users to report any suspicious transactions to their banks, for urgent investigation.”


Signs your card has been breached
Volker said only mag stripe cards have been affected and that no chip and pin cards were compromised and no pin numbers were obtained. The syndicate did not operate in South Africa so affected customers would’ve seen fraudulent transactions come off from overseas, particularly in the United States.


“What is important to understand is that should fraudulent transactions be perpetrated on any cards, as a result of the data compromise, cardholders will not be exposed to any losses – as is the case under normal circumstances,” concluded Volker.


What should you do?
So is cash the better alternative? Volker believes it isn’t. “No system in the world is absolutely safe. Even cash isn’t safe. From a customer point of view, payment with a card is the best way. Don’t leave your card around or do something that would compromise your pin. Consumers [with cards] are very well protected and generally banks guarantee payment,” he said.


Cardholders who have any concerns or are suspicious of any transactions appearing on their card statements, or of which they are alerted to via their SMS/email ‘in contact’ services, should contact their bank directly and immediately.


Report on fraud:
Absa: 0860 557 557
African Bank: 0800 633 633
Capitec: 0860 10 20 43
FNB: 087 575 9444
Nedbank (lost and stolen): (0)11 710 4710
Standard Bank: (0) 11 636 5964/8137/8130/6643

Recent Articles

Featured How are you taxed on your retrenchment package?

Unemployment is one of the biggest problems in South Africa. The emergence of the Covid-19 pandemic has exacerbated the situation with a lot of companies retrenching their employees.  When retrenched, you’ll receive a retrenchment package, but do you know how much tax you’re liable for?

Car repossessed – don’t be taken for a ride

When the country is facing an economic downturn, chances are your finances will feel the pinch. This can lead you to make bad financial decisions such as skipping your vehicle payments. But every decision has consequences and if you don’t pay your instalment, the bank will repossess your car. But what can you do when this happens?

 

Why you should consider gap cover

Your medical aid should protect you from incurring large medical bills when you’re sick. But what if your plan doesn’t cover the full cost of your medical expenses? We got in touch with insurance experts to find out whether gap cover is worth having.

Debt relief - What is your bank offering?

Going through a financial crisis is stressful whether it be as a result of losing your job, being short-paid, having to fork out towards an emergency payment, or finding yourself in the midst of a global pandemic. This is especially taxing if you have a debt to service. It is against this backdrop that banks are increasingly offering payment holidays. Justmoney looks at the various debt relief options available to you from the big five banks.

Deals

Premier Hotel and Resorts Special For Senior Citizens

Price: Available on request
When: Daily
Where: Nationwide

The President hotel 10% discount for locals

Price: Available on request
When: Until 31 October 2020
Where: Cape Town

Get 40% off when you book your stay at Colosseum Hotel

Price: Available on request
When: Until 13 December
Where: Cape Town


Latest Guide

Guide to debt rehabilitation solutions