Jun 19, 2020 10:58:06 AM
Jun 19, 2020 10:58:06 AM
The target: Postbank, the banking division of South Africa’s Post Office.
The take: $3.2 million USD
The attack vector: Rogue employees printed the bank’s ‘master key’, a 36 digit code which allows its users to decrypt the bank’s operations and modify security protocols, on a piece of paper from an old data center. Using this credential they were able to access customer accounts and execute more than 25,000 fraudulent transactions, stealing $3.2 million. In addition to the cash, the master key also gave the attackers access to ATM pins, home banking access codes, customer data and credit card information which could then be used for sophisticated phishing attacks.
This breach highlights the importance of privileged credential management and the cascading negative effects that can happen when a high level protocol is compromised.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
84 Chain Lake Drive, Suite 501
Halifax, NS
Canada, B3S 1A2
+1-902-429-8880
Manila
Ground Floor, Three E-com Center
Mall of Asia Complex
Pasay City, Metro Manila
Philippines 1300
Sydney
Level 36 Governor Phillip Tower
1 Farrer Place Sydney 2000
Australia
+61 (2) 8823 3370
Abu Dhabi
Floor No.15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy