FNB under fire after major data breach on its app
Applying for a bond using your bank’s smartphone app is supposed to make life easier, but for some FNB clients the experience turned into a nightmare recently when customer information was accidentally leaked to fellow users from the FNB app.
FNB customers started to report a glitch while using the bank’s mobile app, which is now in its tenth year of use. When applying for a bond using the online platform, users were able to see the names, addresses, ID numbers, and other personal information of other banking clients displayed in the app.
This disturbing user experience sent shockwaves through the banking industry as clients question the safety of their data in the hands of financial institutions.
While many major companies have been in the news recently after falling victim to ransomware attacks, the FNB incident appears to be the result of a technical glitch on the bank’s part.
Did FNB act too slowly? POPIA regulators may say yes
The Protection of Personal Information Act makes it a legal requirement for companies to report the loss of confidential data, whether it occurred deliberately or by mistake.
However, when questioned by the media about the recent data leak, FNB stated that they were still in the process of reporting it to the authorities. If you’re not clear as to how your own business would respond in a similar scenario, here’s a quick rundown of the legal requirements.
- Companies are required to report any loss of customer information to the Information Regulator as soon as possible. Fines of up to R10 million and jail sentence of after 10 years are the maximum penalties that can be applied if a violation is found to take place.
- There are further legal requirements including a risk assessment, containing the breach, and informing all affected customers or other data owners in a timely manner.
- If your business finds itself in the tricky situation of having a data leak or breach. It’s essential to report this to the Information Regulator without delay.
Avoid a data loss catastrophe with secure cloud storage
The latest FNB app data breach comes in the wake of an increasing number of data breaches from leading banks and South African organisations such as systems integrator Dimension Data, who only recently suffered another “limited” breach on their CMS platform.
Data leaks, breaches, and ransomware attacks are causing millions of Rand worth of damage to corporations across South Africa. In addition to being legally compliant, it’s also essential for you to back up all sensitive customer information using secure online storage.
Our encrypted cloud storage packages are the ideal way to keep your client data safe and prevent reputational damage if a leak occurs.