Overview
- Standard Bank says the breach exposed some credit card numbers and expiry dates without CVV codes, and it is replacing affected cards as a precaution.
- The Citizen reports investigators believe most credit card customers may be affected, though the bank maintains only some clients were hit.
- The bank says neither core banking nor transactional systems were accessed, and it has seen no misuse of data, but it warns clients about phishing and impersonation risks.
- The Information Regulator is running a parallel assessment under POPIA that could become a formal investigation, reviewing access controls, authentication, encryption, firewalls, intrusion detection, and logging.
- The incident involves personal data such as names and ID numbers, and it comes as South Africa faces persistent leaks, with 124.2 million records exposed since 2004, according to Surfshark.