$6.7M stolen in South Africa cyber heist

$6.7M stolen in South Africa cyber heist

Tags:    hackers   South Africa

By Sarah Jacobsson Purewal, PC World (US) | Jan 20, 2012

The first major cybercrime of 2012 has taken place in South Africa, with hackers made off with about $6.7 million from Postbank, which is state-owned and part of the South African post office.

According to the Sunday Times, the hackers used stolen login details for a Postbank teller and a call center agent to transfer about $6.7 million into multiple bank accounts that were opened across the country late last year.

The hackers also made large cash withdrawals from ATMs in Gauteng, KwaZulu-Natal, and the Free State. Thanks to the stolen login details, the hackers were able to increase withdrawal limits and withdraw large amounts of money.

The robbery took place over three days, beginning on Jan. 1 a little after 9 a.m., and the last of the money was withdrawn from Postbank at 6:11 a.m. on Jan. 3.
Postbank told the Sunday Times that none of its four million customers were affected.

As Infoworld's Ted Samson notes, a crime like this raises several questions. Namely, how hackers were able to obtain a bank teller's and call center agent's credentials, and why such low-level employees had the ability to significantly increase withdrawal limits.

A senior IT and banking security expert told the Sunday Times that the Postbank network and security systems are "shocking and in desperate need of an overhaul" and that this type of theft was "always going to be a very real possibility." Three years ago, Postbank spent nearly $2 million to upgrade its fraud detection system.

Even though we hear a lot about annoying (but somewhat harmless) hacks performed by Anonymous-like "hacktivists," it's important to remember that most hacking and illegal activity occurs on the Web to make money, not a statement.

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Developing an enforceable mobile security policy new
Security risks have been heightened by the proliferation of employee-owned mobile devices in many enterprises. Employees will almost always take the path of least resistance in leveraging mobile devices for business purposes, which may lead to unsafe computing practices. A clearly documented and enforceable mobile security policy is critical to reducing the risk of data loss.
When Android apps want more than they need
So you just bought a new Android-based smartphone, what comes next? What else but the most exciting part—downloading the right apps to boost its functionality. You may even want to download a game or two or a movie or an MP3 player. But what if apps demand more of your personal information than they actually need?
 
 
 
Essar Group fights three BYOD devils new
Say BYOD, and CIOs cringe. They complain of security, supporting a flood of devices and losing control. But the CIO of Essar Group just proved his peers wrong. Here's how.
How Cisco deals with the BYOD revolution
Cisco Systems Inc. is one of the biggest IT companies in the world, with a disciplined organization. However, even its employees were unable to resist the bring-your-own-device revolution, which resulted in an explosion of SUSE Linux and Apple OS-based devices on a network that in 1999 had standardized on Windows. The company's IT department finally agreed to support new platforms, and learnt lessons from the experience.