Postbank loses over R18-million to cybercrime attacks in three months

Most of the money stolen came from the Sassa beneficiary grant payment system, says CEO.
The South African Postbank is to spend R400-million over the next three years to upgrade and modernise its IT systems.
This follows the state-owned entity losing more than R18-million over a three-month period to cybercrime attacks.
On Tuesday, Postbank CEO Lucas Ndala told Parliament’s portfolio committee on communications that it had “a number of cyber fraud incidents — most of them relating to the Sassa beneficiary grant payment system”.
Ndala said the Postbank IT system had been flagged by the Auditor General for having “control weaknesses”.
“There has been a concerted effort to address these system deficiencies since the grant system was ceded to Postbank in 2021. A lot of these weaknesses come from the system itself because it came with a number of flaws that needed to be addressed over time,” Ndala said.
In response to DA MP Dianne Kohler Barnard on the total cost of the IT update, Ndala said, “The total cost approved is just around R400-million. This will be funded from Postbank resources. The modernisation will be over a three-year period.”
He said the accounts of 141 grant beneficiaries were hit in a cyber attack in August. The state-owned entity lost R5.8-million in this incident.
The second incident happened in September, also involving accounts receiving social grants on behalf of children. Ndala said the Postbank’s Fraud Risk Team discovered that some of these accounts were fraudulent, and, as a preventative measure, these were blocked.
Visit Daily Maverick’s home page for more news, analysis and investigations
However, “the blocking was not done properly,” said Ndala. “Anyone could unblock them within our branch network,” he said. Postbank lost about R4-million in this incident.
In October 2022, Ndala said the Postbank banking system suffered another cybercrime attack and lost about R9-million.
Earlier this year it was revealed that the Postbank had suffered a loss of at least R90-million in cybercrime attacks in October 2021.
Ndala told MPs that Postbank is on the same IT network as the South African Post Office (Sapo). One of the requirements when Postbank applied for a banking licence from the SA Reserve Bank, was that it needed its own “stand-alone IT environment that cannot be impacted by the risks from Sapo”.
Ndala said the report on a forensic audit into the recent cybercrime incidents is expected to be released in December, while the second part of the report is expected in February 2023.
Nonkqubela ...