[This is a warning that went out from one of the banks to its customers. Huge amounts of data has been affected. So the question is: Who did this? Jan]
The banking industry has been made aware that Experian Information Solutions – a consumer, business and credit information services agency – has experienced a breach of data.
Although this information is not related to your personal banking details, client data protection is our utmost priority and therefore xxxxxxx has implemented additional measures in relation to fraud monitoring.
Experian has initiated a formal forensic investigation of the breach and has confirmed that the breach has been reported to law enforcement and appropriate regulatory authorities. Furthermore, Experian are working closely with South African Banking Risk Information Centre (SABRIC) and all banks to ensure that we proactively mitigate any potential risks as a result of the incident.
The banking industry has been working with Experian and SABRIC to identify which of their clients may have been exposed to the breach and to protect their personal information, even as the investigation unfolds. Banks and SABRIC have also been cooperating with Experian in their efforts to secure the data and ensure the perpetrators are brought to book.
xxxxxxx has a commercial relationship with Experian and other credit bureaus who provide similar services. xxxxxxx uses the services of Experian as part of its business and provides its clients’ credit data to Experian as part of its regulatory reporting duties. Due to the nature of Experian’s business model, they are permitted by law to obtain and store information of credit active clients. Based on the initial information that has been provided to xxxxxxx, the information of a number of clients that is held by Experian, may have been compromised.
Although the breach occurred at Experian, we wish to inform all our clients of this incident, and advise that we will be communicating directly with those clients whose information may have been compromised.
Client data protection is our utmost priority and therefore xxxxxxx has implemented additional measures in relation to fraud monitoring.