Bank details stolen in major insurance hack in South Africa
An attack on debit order collection company Qsure has hit several South African insurers that use its services, including Hollard and Guardrisk.
Australian security researcher Troy Hunt recently posted an Ooba advisory to his clients saying that although they do not yet know if any Guardrisk and Ooba clients have been affected, they have decided to send out warning notifications. .
Qsure informed Guardrisk on June 20 that it had experienced a “data incident” and that an unauthorized third party had gained access to the insured’s information.
Hollard spokesperson Warwick Bloom told MyBroadband they received a notice from Qsure on June 17 confirming a data breach.
The infringement affected short-term insurance clients whose debit orders are processed through brokers who use or have used the Qsure service, since 2014.
Bloom said Qsure informed them that the information stored in the compromised database was the names of account holders, bank account numbers and branch contact details.
“We have taken steps to ensure that policyholders whose information has potentially been misused have been alerted to the increased risk associated with such information being in the hands of third parties,” Bloom said.
âNo identity number or other data, often used in conjunction with bank details to perpetrate fraud, has been compromised.
Bloom said they have informed the offices of the information regulator and the appropriate insurance regulator.
“We were reassured by Qsure’s communication regarding their response to this incident, particularly around identifying and addressing potential security issues underlying the breach, and continue to work with them to minimize the possibility of a repeat of the incident, âBloom said.
“As such, we remain supportive of Qsure as a premium administrator.”
Data breach at ooba in South Africa. Sort of. Perhaps. It is not entirely clear. pic.twitter.com/ob7E1iaJfV
– Troy Hunt (@troyhunt) July 11, 2021
Bloom said he offered policyholders the following tips to minimize the risk of fraudulent use of their data:
- Check your credit report for free using Experian’s My credit check a service.
- Beware of phone calls, emails or SMS messages that ask for your personal information and do not disclose this information, especially PIN codes and passwords.
- If you think a fraudster has contacted you, let your bank or appropriate service provider know.
- Take a closer look at your bank statements and accounts, and report and request the cancellation of any suspicious or fraudulent transactions.
- Change your passwords regularly and try to use different passwords for all of your accounts. You can use a password manager like Bitwarden to help you remember all of your different passwords.
- Check the “Have I been convicted?(The site operated by Troy Hunt) – this allows you to check if your personal data has been compromised by data breaches using your username or email address.
Bloom said Hollard has set up a dedicated email address for policyholders to ask about the violation.
MyBroadband asked Qsure if it had made any progress in investigating the attack on its systems, and the company responded with a declaration they published in June.
âOn June 9, 2021, Qsure learned that it had been subject to illegal and unauthorized access to its IT infrastructure, and immediately isolated its IT network and shut down its systems,â said the director of the operating Qsure, Ian du Toit, in a statement.
âQsure immediately appointed an independent and industry-leading cybercrime and security technology company to conduct a detailed forensic investigation into the cybersecurity incident, as well as additional independent security experts to help manage the incident. “
Du Toit said the company has notified the insurers and brokers it does business with and the relevant regulatory authorities.
According to Du Toit, all brokers using Qsure’s collection services have been informed and have proactively informed their policyholders.
âQsure’s IT platform has been completely rebuilt and all necessary measures have been taken to ensure a safe environment,â said Du Toit.
âIt was built and configured under the direction of forensic security and technology consultants appointed specifically to help manage the incident. “
MyBroadband also contacted the regulator with information regarding the attack on Qsure and the resulting data breach.
The regulator acknowledged the investigation and said it would respond in due course.