South African bank, Absa, has warned customers that a rogue employee sold some of their personal data to an external third party. ID numbers, contact details, physical home addresses, and account numbers are thought to have been compromised.
The bank said: “The leaked data relates to a small portion of Absa South Africa’s customer base to date, although investigations continue.” It stated that upon discovering the contravention, it secured a High Court order for search and seizure operations at various premises and secured all devices containing the data. The data on these devices was subsequently destroyed.
The lender also said it has stepped up monitoring of customer accounts exposed in the breach and put in place additional control measures to minimize the risk of reoccurrence in future. Absa has brought criminal charges against the employee involved and says it may take further action in relation to the recipients of the data once the full scope of the leak is identified.