TechCentralTechCentral
    Facebook Twitter YouTube LinkedIn
    Facebook Twitter LinkedIn YouTube
    TechCentralTechCentral
    NEWSLETTER
    • News

      Willington Ngwepe to step down as Icasa CEO

      10 August 2022

      Samsung unveils its latest foldable smartphones

      10 August 2022

      Cape Town’s DataProphet expands funding to R165-million

      10 August 2022

      The tech proves it: South African women are better drivers than men

      10 August 2022

      BT, Seacom sign ‘strategic alliance’ for enterprise services

      10 August 2022
    • World

      Jumia says it’s past peak losses, shares jump

      10 August 2022

      Elon Musk sells $6.9-billion of Tesla to avoid Twitter fire sale

      10 August 2022

      Nvidia issues profit warning on slump in demand for graphics cards

      8 August 2022

      Buterin: Mining on Ethereum Classic won’t affect Merge

      8 August 2022

      Musk challenges Twitter CEO to a public debate

      7 August 2022
    • In-depth

      The length of Earth’s days has been increasing – and no one knows why

      7 August 2022

      As Facebook fades, the Mad Men of advertising stage a comeback

      2 August 2022

      Crypto breaks the rules. That’s the point

      27 July 2022

      E-mail scams are getting chillingly personal

      17 July 2022

      Webb telescope’s stunning images of the cosmos

      12 July 2022
    • Podcasts

      e4’s Adri Führi on encouraging more women into tech careers

      10 August 2022

      How South Africa can woo more women into tech

      4 August 2022

      Book and check-in via WhatsApp? FlySafair is on it

      28 July 2022

      Interview: Why Dell’s next-gen PowerEdge servers change the game

      28 July 2022

      Demystifying the complexity of AI – fact vs fiction

      6 July 2022
    • Opinion

      SIU seeks to set aside R215-million IT tender

      19 July 2022

      No reason South Africa should have a shortage of electricity: Ramaphosa

      11 July 2022

      Ntshavheni’s bias against the private sector

      8 July 2022

      South Africa can no longer rely on Eskom alone

      4 July 2022

      Has South Africa’s advertising industry lost its way?

      21 June 2022
    • Company Hubs
      • 1-grid
      • Altron Document Solutions
      • Amplitude
      • Atvance Intellect
      • Axiz
      • BOATech
      • CallMiner
      • Digital Generation
      • E4
      • ESET
      • Euphoria Telecom
      • IBM
      • Kyocera Document Solutions
      • Microsoft
      • Nutanix
      • One Trust
      • Pinnacle
      • Skybox Security
      • SkyWire
      • Tarsus on Demand
      • Videri Digital
      • Zendesk
    • Sections
      • Banking
      • Broadcasting and Media
      • Cloud computing
      • Consumer electronics
      • Cryptocurrencies
      • Education and skills
      • Energy
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Motoring and transport
      • Public sector
      • Science
      • Social media
      • Talent and leadership
      • Telecoms
    • Advertise
    TechCentralTechCentral
    Home»Sections»Information security»Data breach hits major South African insurance player

    Data breach hits major South African insurance player

    Information security By Duncan McLeod30 June 2021
    Facebook Twitter LinkedIn WhatsApp Telegram Email

    QSure, a big player in South Africa’s insurance industry, has been hit by a data breach in which bank account numbers and other sensitive information were compromised by a third party.

    The company would not say how many records were exposed through the breach, only that the incident is “still being investigated”.

    “On 9 June 2021, QSure became aware that it had been subject to illegal and unauthorised access to its IT infrastructure, and immediately isolated its IT network and shut down its systems,” said chief operating officer Ian du Toit in e-mailed response to questions from TechCentral.

    QSure immediately appointed three industry-leading and independent cyber-forensic and security technology firms…

    QSure is a registered financial services provider and one of the collection agencies that provides collection and premium handling services for the South Africa insurance industry. Its clients include big insurance companies and insurance brokers.

    “QSure immediately appointed three industry-leading and independent cyber-forensic and security technology firms to conduct a detailed forensic investigation into the cybersecurity incident,” Du Toit said. “QSure takes the safety and security of its clients’ data extremely seriously. The company has notified insurers and brokers with whom it does business, as well as the relevant regulatory authorities, and continues to provide support in this regard.”

    ‘Exfiltrated’

    Preliminary investigations show that the compromised data had been “exfiltrated” from the company’s servers. “The data relates only to policyholders who are clients of QSure’s customers (insurers and brokers) and includes banking details, limited to the account holder name, bank account numbers and bank branch codes. No policyholder identity numbers, credit card details, any form of contact details, or policy content are kept on QSure’s database and therefore could not be compromised,” Du Toit said.

    “All brokers have been briefed and have, in turn, notified or are in the process of notifying their policyholders.”

    He said QSure’s IT platform has been “completely rebuilt” and “all necessary steps have been taken to ensure the environment is secure”.

    “It was built and configured under the guidance of forensic security and technology consultants, appointed specifically to assist with managing the incident.”

    QSure did not answer questions about whether it knows who was responsible for the breach or how they were able to compromise the company’s systems.

    TechCentral first became aware of the breach when insurance firm Hollard sent an e-mail to affected customers notifying them about the breach.

    “On Thursday, 17 June, Hollard received confirmation of a data breach at QSure, an administration company that facilitates the collection of debit orders for many of South Africa’s major insurers, including Hollard. The breach potentially affects all insurance customers whose debit orders are processed, or have been processed in the past, by QSure,” Hollard said.

    We need to advise you that there is a possibility that information stored on the QSure database now sits in unauthorised hands

    “QSure have assured us that they reacted quickly to unusual activity on their servers on 9 June and took down all external connections as quickly as possible before restoring operations in a totally secured environment. They also immediately commissioned an independent investigation, and cybersecurity experts engaged by QSure confirmed on 17 June that that the activity had resulted in a breach, which included the unauthorised movement or copying of customer data to an external environment.”

    Hollard said the breach has been reported to the “relevant authorities”.

    Risk of fraud

    “We need to advise you that there is a possibility that information stored on the QSure database now sits in unauthorised hands,” Hollard said its communication with customers.

    “This information consists of account holder name, bank account number and branch details, and there is an increased risk of fraud and other identity crimes associated with this information being in the hands of cybercriminals. No identity numbers or other data, often used in conjunction with banking details to perpetrate fraud, was compromised.”

    Hollard advised its clients, among other things, to be cautious of phone calls, e-mails or SMSes that ask for their personal information, and not to disclose this information, especially Pins and passwords.

    “If you suspect that you have been contacted by a fraudster, notify your bank or appropriate service provider. Examine your bank records and accounts more closely and report and request the reversal of any suspicious or fraudulent transactions. And change your passwords regularly and try use different passwords for all of your accounts.”

    Hollard also advised clients to visit haveibeenpwned.com, which allows them to check whether their personal data has been compromised through security incidents such as data breaches.  — © 2021 NewsCentral Media

    Hollard Ian du Toit QSure top
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email
    Previous ArticleEskom seeks R140-billion for shift to renewables
    Next Article Cell C in talks with RMB, Investec for R4-billion in funding

    Related Posts

    Willington Ngwepe to step down as Icasa CEO

    10 August 2022

    Samsung unveils its latest foldable smartphones

    10 August 2022

    Cape Town’s DataProphet expands funding to R165-million

    10 August 2022
    Add A Comment

    Comments are closed.

    Promoted

    How secure is your cloud?

    10 August 2022

    5 ways to make attack-path management more manageable

    10 August 2022

    Smart homes need even smarter Wi-Fi

    10 August 2022
    Opinion

    SIU seeks to set aside R215-million IT tender

    19 July 2022

    No reason South Africa should have a shortage of electricity: Ramaphosa

    11 July 2022

    Ntshavheni’s bias against the private sector

    8 July 2022

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2022 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.