Cybercriminals stole R90 million In physical cash through SASSA accounts from Postbank, a subsidiary of the South Africa Post Office.
amaBhungane Centre for Investigative Journalism uncovered the security breach.
However, the security breach was kept a secret by both the Post Bank and the Post Office.
AmaBhungane said between 16 and 28 October last year individuals presumed to be either employed by Postbank or by a Postbank contractor stole at least R89 459 330 in physical cash through SASSA accounts. The brazen fraud involved illicitly crediting grant beneficiary accounts with large sums and then emptying these accounts out at ATMs.
amaBhungane approached Postbank for comment and the bank stressed that the money was not stolen from customers but rather from Postbank itself.
“Postbank wishes not to provide too much information about the modus operandi of the cybercrime fraud incident in order to protect the sensitive processes of the investigation that is currently underway,” Postbank acting chief executive Kevin Maartens said in response to questions.
Following the discovery, the Postbank commissioned Ankura Consulting Group to analyse the security breach.
Ankura’s report noted that the perpetrators would have needed “a large-scale co-ordinated effort on the ‘outside’ to recruit beneficiaries willing to participate in allowing fraudulent activity to take place through their accounts”
A “risk management report” produced by Maartens in December shows that a total of 279 accounts were used to fraudulently withdraw the funds.
“This Modus Operandi (MO) included only ATM transactions as the perpetrators tried to withdraw the funds as quick as possible. The loss could not be determined with 100% accuracy and final numbers are not fully verified yet. The number is not expected to change materially and the loss amounts to R 89,459,330,” reads the report.
“It is clear from the above that the exploitation of a substandard IT environment by attackers lead to a major loss,” Maartens concluded.
For more read: R90m hack at Postbank kept under wraps