A data breach has been reported by QSure insurance company in South Africa. As a result of this incident, sensitive information such as bank account details was stolen by a third party, according to Money Web
Any QSure’s client who made any payments via debit cards may be affected by the breach. QSure enlisted the assistance of three of the leading cybersecurity firms to conduct an investigation into the security incident.
The company stated that they alerted both business and the appropriate regulatory authorities. Moreover, they continue to provide assistance in this regard, while its IT platform has been reconfigured, and all relevant security measures have been implemented.
Chief operating officer Ian du Toit stated, “The data relates only to policyholders who are clients of QSure’s customers (insurers and brokers) and includes banking details, limited to the account holder name, bank account numbers and bank branch codes. No policyholder identity numbers, credit card details, any form of contact details, or policy content are kept on QSure’s database and therefore could not be compromised”.
A compromise in the security of their systems was discovered on June 17 when insurance company Hollard sent out an e-mail to impacted consumers informing them of the situation. Since the 9th of June, the strange activity on QSure servers has been discovered, and as a precaution, the company has suspended all external connections as quickly as possible before reinstating operations in a fully protected environment.
QSure did not mention whether it knows who is to blame for the incident
QSure did not respond to inquiries regarding whether the company knows who was responsible for the incident or how their systems were compromised.
In a statement, Hollard advised consumers that client information kept on the QSure database could fall into the hands of unwanted parties. According to the company, the compromised data included bank account numbers, branch information, and the account holder’s name. If cybercriminals begin to utilize this information, the risk of fraud and identity theft increases.
Hollard urged its clients to be especially suspicious of text messages, e-mails, and phone calls requesting private information, and to refuse giving out sensitive information, especially PINs and passwords, to any unknown party.