Credit Card Breach in South Africa - Summary of Bank and PASA Responses

There was a massive breach in South Africa’s banks last week resulting in tens of millions of rands in losses. The breach was caused by a malicious malware called Dexter which was unknowingly installed on the POS terminals of a number of fast food chains.
It is believed that the malware was implemented by an international syndicate and the South African Police Service is working with Interpol and Europol in an effort to bring the guilty party to justice.

In response to the breach all the major banks have released statements to reassure their clients.

Standard bank said:
‘Immediate pro-active steps have been taken by Standard Bank (and the rest of the industry) to identify and limit the extent of the potential exposure. All Standard Bank cards that may have been impacted have been placed under a heightened level of monitoring to detect possible unusual or fraudulent activity.’

Absa bank said:
“It has come to light that the Dexter virus was identified at a contained number of terminals across a number of merchants where Absa has had very limited exposure to date.”

FNB said:
“FNB continually monitors all card transactions for unusual or fraudulent activity and take the necessary proactive measures to prevent fraud, including the re-issue of cards to potentially affected customers.”

Nedbank said
“Nedbank will continue to closely monitor all transactions acquired by third-party processors and Nedbank clients need not be concerned.”

The Payments Association of South Africa released a statement saying,

The Payments Association of South Africa (PASA), international card schemes (Visa and MasterCard) and South Africa’s major banks have taken immediate steps to prevent a further leakage of card details because of a security lapse at a company processing online transactions.

Walter Volker, the CEO of PASA, said there was no need for undue concern by cardholders. There are indications at this stage that only a limited number of card details have been accessed by outside organisations and as a result limited fraud has been perpetrated.

The industry has taken immediate and pro-active steps to identify the extent of the potential exposure and to carefully monitor transactions on the cards involved in order to detect possible unusual activity. Fortunately, to date, there seems to be evidence of only very limited fraud being perpetrated as a direct result of the exposure.

Should fraudulent transactions be perpetrated on any of these cards as a result of the data compromise, cardholders would not be exposed to any losses – as is the case under normal circumstances.”