30 November 2020
Absa advises that an employee has unlawfully made selected customer data available to a small number of external parties. The leaked data relates to a small portion of Absa South Africa’s customer base to date, although investigations continue.
Upon discovering the contravention, Absa secured High Court orders that enabled search and seizure operations at various premises and secured all devices containing the data. The data on these devices was subsequently destroyed.
Absa has enhanced the monitoring of customer accounts that have been affected to date, and we will contact customers directly.
Absa has brought criminal charges against the employee, and internally the requisite consequence management has been undertaken. Absa may take further action in relation to the recipients of the data once the full scope of the leak is identified and all investigations are completed.
Absa has put in place additional control measures to minimize the risk of reoccurrence in future.