Postbank has lost more than $3.2 million on the back of fraudulent transactions and is now forced to replace more than 12 million cards for its customers, media reports said.
According to an internal report, the bank’s employees had used a master key to access customers’ accounts and make over 25,000 fraudulent transactions during the period between March and December 2019.
With that, Postcard is expected to replace all customer cards, media reports said. Former Chief Risk Officer Benjamin April, said in a January report, “It appears that the significance of magnitude of this card breach may not have been comprehended by Postbank operations and IT senior management. The Sassa master key compromise is a significant failure for the Postbank and also for the national payment system.”
The bank’s security audit reports that more than one employee stole the 36-digit code master or encryption key that will allow a user to decrypt the bank’s operations, media reports said.
Postbank is the subsidiary of the South African Post Office (SAPO). SAPO currently consists of a number of divisions and subsidiaries across financial services, logistics, property, electronic commerce, and retail services.
The Postbank itself was established in 1910 and is the largest savings bank in the country, with more than 6 million customers.